0
我有一個PHP MSSQL查詢以前工作,Hoever,因爲我改變了一個看起來與查詢無關的元素,它已經開始拋出錯誤。無法找到PHP語法錯誤
下面是該查詢:
<?php
if (isset($_POST['paper'])) {
$PageHTML = $_POST['ckeditor'];
$PageID = $_GET['id'];
$myServer = "**.***.***.**";
$myUser = "username";
$myPass = "password";
$myDB = "database";
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server on $myServer");
mssql_select_db($myDB) or die;
$dbTABLE = "Table_Name";
$query_sql = sprintf("UPDATE %s SET PageHTML = ('%s') WHERE PageID = '%d'",
$dbTABLE,
$PageHTML,
$PageID);
if ($result = mssql_query($query_sql, $dbhandle)) {
header('Location: Manage.php');
}
}
?>
的錯誤是已經開始投擲如下:
Warning: mssql_query() [function.mssql-query]: message: Incorrect syntax near 're'. (severity 15) in (file path) on line 59
Warning: mssql_query() [function.mssql-query]: message: Unclosed quotation mark after the character string '</p> </div> </td> </tr> </tbody> </table>') WHERE PageID = '2''. (severity 15) in (file path) on line 59
59行是這一行:
if ($result = mssql_query($query_sql, $dbhandle)) {
我已經檢查了它並在其他領域使用類似的語法。任何人都可以看到它錯在哪裏?
看起來像'$ query_sql'有語法錯誤。你能迴應嗎? – Tchoupi
是的,它似乎回聲正確。它回聲:UPDATE Database_Table SET PageHTML =('content of textarea')WHERE PageID ='1' – Bohdi
它看起來像你的錯誤**是**'textarea的內容:p你應該轉義'$ PageHTML',它是打開的錯誤和注射。 – Tchoupi