您好我有上有一個文本區形成具有描述性文本將包含標點符號,如逗號等niceEDIT和PHP/MySQL的特殊字符
在PHP腳本我已經使用這個
$description = empty($_POST['inputDescription'])? 'NULL': "'" . mysql_real_escape_string($_POST['inputDescription']) . "'";
但提交包含逗號的是這個文字時,我仍然得到一個語法錯誤..
你有一個錯誤的SQL語法;檢查對應於你的MySQL服務器版本的手冊正確的語法附近「使用s
任何想法將是巨大的,我拉我的頭髮!
編輯大量的代碼(對不起)
<?php
session_start();
include "includes/connection.php";
$contact = $_POST['inputName'];
$company = $_POST['inputCompany'];
$region = $_POST['inputRegion'];
$address1 = $_POST['inputAddress1'];
$address2 = empty($_POST['inputAddress2'])? 'NULL' : "'" . mysql_real_escape_string( $_POST['inputAddress2']) . "'";
$city = $_POST['inputCity'];
$county = empty($_POST['inputCounty'])? 'NULL' : "'" . mysql_real_escape_string( $_POST['inputCounty']) . "'";
$postcode = $_POST['inputPostcode'];
$email = empty($_POST['inputEmail'])? 'NULL' : "'" . mysql_real_escape_string( $_POST['inputEmail']) . "'";
$telephone1 = $_POST['inputPhoneOne'];
$telephone2 = empty($_POST['inputPhoneTwo'])? 'NULL' : "'" . mysql_real_escape_string( $_POST['inputPhoneTwo']) . "'";
$website = empty($_POST['inputWebsite'])? 'NULL' : "'" . mysql_real_escape_string( $_POST['inputWebsite']) . "'";
$description = empty($_POST['inputDescription'])? 'NULL': "'" . mysql_real_escape_string($_POST['inputDescription']) . "'";
$userid = $_POST['inputUserID'];
if(
$contact == '' ||
$company == '' ||
$address1 == '' ||
$address2 == '' ||
$city == '' ||
$county == '' ||
$postcode == '' ||
$telephone1 == '' ||
$telephone2 == '' ||
$email == '' ||
$website == '' ||
$description == '' ||
$region == '' ||
$userid == ''){
$_SESSION['status'] = 'error';
} else {
mysql_query("INSERT INTO RegionalContacts
(`bID`,`user_id`,`Name`,`Company`,`Address1`,`Address2`,`City`,`County`,`Postcode`,`Telephone1`,`Telephone2`,`eMail`,`Website`,`Description`,`Region`)
VALUES(NULL,'$userid','$contact','$company','$address1',$address2,'$city',$county,'$postcode','$telephone1',$telephone2,$email,$website,$description,'$region')") or die(mysql_error());
$_SESSION['status'] = 'success';
}
header("location: regionalContacts.php");
?>
顯示其執行SQL代碼。 (和SQL。) –
而不是顯示冗長的PHP腳本,你可以附加確切的插入語句 – ajreal
我把這個代碼放在@nickc的請求,以便他有一切可以幫助謝謝你的建議,儘管 –