PHP回顯代碼不能正常工作

Question

以下是試圖打印某些語句的PHP代碼。但它是所有打印以下錯誤：

解析錯誤：語法錯誤，在C意想不到T_STRING：\ Program Files文件\ Apache的集團\的Apache2 \ htdocs目錄\ chat_status.php上線8

的代碼：

<?php 
session_start(); 
$con=mysql_connect("localhost","hi","hello"); 
mysql_select_db("my_db",$con); 
$check_table=mysql_query("SELECT * FROM `$row[studentid]"."to"."$_GET[id]`); 
if($check_table!=FALSE) 
{ 
$asd="no suggestion"; 
echo $asd; 
} 
else 
{ 
$result1=mysql_query("SELECT * FROM students WHERE email='$_SESSION[user_name]'"); 
$row=mysql_fetch_array($result1); 
$create_table="CREATE TABLE `$row[studentid]"."to"."$_GET[id]`(post_number int not null 
auto_increment,primary key(post_number),data text(20000))"; 
$result=mysql_query($create_table,$con); 
} 

?> 

Answer 1

更改以下行：

$check_table=mysql_query("SELECT * FROM `$row[studentid]"."to"."$_GET[id]`"); 

注收盤"。

而且注從@ jamie0726（感謝）的評論：

Please do not use $_GET in your query under any circumstances. That's a severe security mistake (SQL injection, it's very easy to delete your database for example with your code.). You can avoid this easily. Check out

Answer 2

試試這個

<?php 
session_start(); 
$con=mysql_connect("localhost","hi","hello"); 
mysql_select_db("my_db",$con); 
$check_table=mysql_query("SELECT * FROM '$row[studentid]'.'to'.'$_GET[id]' "); 
if($check_table!=FALSE) 
{ 
$asd="no suggestion"; 
echo $asd; 
} 
else 
{ 
$result1=mysql_query("SELECT * FROM students WHERE email='$_SESSION[user_name]'"); 
$row=mysql_fetch_array($result1); 
$create_table="CREATE TABLE '$row[studentid]'.'to'.'$_GET[id]' (post_number int not null 
auto_increment,primary key(post_number),data text(20000))"; 
$result=mysql_query($create_table,$con); 
} 

?>