0
我想插入一個記錄到數據庫,但它給了我一個錯誤。手冊,對應於您的MySQL服務器版本使用正確的語法附近使用
我正在使用PHP和MySQL。
我需要一個成功的結果,但我發現了一個錯誤,這裏是我的代碼:
$Pname = $_POST[Pname];
$P_Price = $_POST[P_Price];
$P_Desc = $_POST[P_Desc];
$P_City = $_POST[P_City];
$P_Size = $_POST[P_Size];
$P_Rooms = $_POST[P_Rooms];
$P_garage = $_POST[P_garage];
$P_Address = $_POST[P_Address];
$P_Long = $_POST[P_Long];
$P_Lat = $_POST[P_Lat];
$Provinces_idProvinces = $_POST[Provinces_idProvinces];
// array for JSON response
$response = array();
$result = mysql_query("INSERT INTO property(Pname,P_Price,P_Desc,P_City,P_Size,P_Rooms,P_garage,P_Address,P_Long,P_Lat,Provinces_idProvinces)
VALUES ('".$Pname."',".$P_Price.",'".$P_Desc."','".$P_City."','".$P_Size."','".$P_Rooms."',".$P_garage.",'".$P_Address."',".$P_Long.",".$P_Lat.",".$Provinces_idProvinces."'");
if ($result) {
// successfully inserted into database
$response["success"] = 1;
$response["message"] = $result ;
// echoing JSON response
echo json_encode($response);
} else {
// failed to insert row
$response["success"] = 0;
$response["message"] = mysql_error();
這是我的錯誤:
{"success":0,"message":"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','','','',,'',,,'' at line 2"}
我檢查過了,但它仍然給我同樣的錯誤。請幫忙,現在差不多3天了。
下面是MySQL查詢:
delimiter $$
CREATE TABLE `property` (
`idProperty` int(11) NOT NULL AUTO_INCREMENT,
`Pname` varchar(45) DEFAULT NULL,
`P_Price` double DEFAULT NULL,
`P_Desc` varchar(45) DEFAULT NULL,
`P_City` varchar(45) DEFAULT NULL,
`P_Size` varchar(45) DEFAULT NULL,
`P_Rooms` varchar(45) DEFAULT NULL,
`P_garage` int(11) DEFAULT NULL,
`P_Address` varchar(45) DEFAULT NULL,
`P_Long` int(11) DEFAULT NULL,
`P_Lat` int(11) DEFAULT NULL,
`P_Sold` tinyint(1) DEFAULT '0',
`Provinces_idProvinces` int(11) NOT NULL,
PRIMARY KEY (`idProperty`),
KEY `fk_Property_Provinces` (`Provinces_idProvinces`),
CONSTRAINT `fk_Property_Provinces` FOREIGN KEY (`Provinces_idProvinces`) REFERENCES `provinces` (`idProvinces`) ON DELETE NO ACTION ON UPDATE NO ACTION
) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1$$
「我檢查了一切」D您檢查查詢*實際看起來像什麼?* –
SQL注入,用引號和撇號錯誤的工作,沒有檢查調用它後的查詢看起來像是什麼樣的(你試過在你的查詢中「echo」? – shadyyx