我写了一个非常简单的函数:
function editCategory() {
$ID = urlencode($_GET['id']);
$cname = mysql_fix_string($_POST['cname']);
$kabst = mysql_fix_string($_POST['kabst']);
$kselect = $_POST['kselect'];
$subsl = $_POST['subsl'];
$kradio = $_POST['kradio'];
$ksubmit = $_POST['ksubmit'];
if (isset($ksubmit)) {
$query = "UPDATE category SET name = '$cname', description = '$kabst', published = '$kselect', home = '$kradio', subcat = '$subsl' WHERE id = $ID ";
$result = mysql_query($query);
if (mysql_affected_rows () == 1) {
echo "ok";
}
else{
echo mysql_error();
}
}
}
function mysql_fix_string($string)
{
if (get_magic_quotes_gpc())
$string = stripslashes(($string));
return mysql_real_escape_string($string);
}
错误:
您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在第 1 行的 '' 附近使用正确的语法
怎么了?