1. 首頁
  2. 問答
  3. SQL錯誤:查詢空

SQL錯誤:查詢空

2011-09-03 123 views
0 
mysql_select_db("musicDB", $con); 

$sql = mysql_query("INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', '$_POST[dob]', sha1('$_POST[password]'), '$_POST[occupation]', '$_POST[genre]')"); 

if (!mysql_query($sql,$con)) 
{ 
    die('Error: ' . mysql_error()); 
} 
echo "1 record added"; 
?>

我新的PHP和我得到這個SQL錯誤:SQL錯誤:查詢空

The query is empty.

我在做什麼錯?

來源

2011-09-03 michelle

+2

歡迎SQLI ...閱讀[SQL注入](http://php.net/manual/en/security.database.sql-injection.php) – genesis

回答

0

宣佈串查詢變量時,不使用$sql = mysql_query(...);只是簡單$sql = "...";,它應該正常工作

來源

2011-09-03 09:44:56

1 
$sql = mysql_query("INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', '$_POST[dob]', sha1('$_POST[password]'), '$_POST[occupation]', '$_POST[genre]')"); 

if (!sql) 
{

是正確的。你試圖做

if(!mysql_query(mysql_query("...."))) 
{

來源

2011-09-03 09:48:18 genesis

1 
mysql_select_db("musicDB", $con); 

// that's dirty but at least something to protect that silly code 
$_POST['password'] = sha1($_POST['password'].$_POST['username']); 
foreach($_POST as $key => $value) $_POST[$key] = mysql_real_escape_string($value); 

$sql = "INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
     VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', 
       '$_POST[dob]', '$_POST[password]', '$_POST[occupation]', '$_POST[genre]')"); 

if (!mysql_query($sql,$con)) 
{ 
    trigger_error(mysql_error()." ".$sql); 
} else { 
    echo "1 record added"; 
} 
?>

來源

2011-09-03 09:52:07

相關問題

 相關問題