我無法從我的表單中獲取數據以加載到MySQL數據庫中。請幫忙! 這是錯誤,我得到:你的SQL語法有錯誤;檢查與您的MySQL服務器版本相對應的手冊,在第5行'''附近使用正確的語法
Error: INSERT INTO add_review (name,email,details) VALUES ('Darron Brown', '[email protected]', 'ldldjd',) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 5
<?php
// Connect to MySQL
// a. Variables
$host = "hostname";
$username = "user";
$password = "secretpassword";
$dbname = "myDatabase";
// b. Connection
$connection = mysqli_connect($host, $username, $password, $dbname);
// c. Check our connection
if(mysqli_connect_errno()) {
die("Database connection failed: " .
mysqli_connect_error() .
" (" . mysqli_connect_errno() . ")"
);
}
// Insert our data
$name = isset($_POST["name"]) ? $_POST["name"] : "";
$email = isset($_POST["email"]) ? $_POST["email"] : "";
$details = isset($_POST["details"]) ? $_POST["details"] : "";
$name = mysqli_real_escape_string($connection, $name);
$email = mysqli_real_escape_string($connection, $email);
$details = mysqli_real_escape_string($connection, $details);
$sql = "INSERT INTO add_review (name,email,details) VALUES (
'$name',
'$email',
'$details',
)";
// $insert = $connection->query($sql);
// Print response from MySQL
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection);
}
// Close our connection
mysqli_close($connection);
?>
<div class = "section page">
<div class="wrapper">
<h1>Add a Review</h1>
<p>If you think there is something I am missing, let me know! Complete the form to send me an email.</p>
<form method="post" action="">
<table>
<tr>
<th><label for="name">Movie Name</label></th>
<td><input type="text" id="name" name="name" /></td>
</tr>
<tr>
<th><label for="email">Email</label></th>
<td><input type="text" id="email" name="email" /></td>
</tr>
<tr>
<th><label for="email">Suggest Movie Details</label></th>
<td><textarea name="details" id="details"></textarea></td>
</tr>
</table>
<input type="submit" value="Send" />
</form>
</div>
</div>
''$ details','???檢查逗號,並更好地使用準備好的語句來防止SQL攻擊 – devpro
刪除'$ details'後的逗號,然後學習mysqli準備爲@devpro在上面提出的建議。 –
@ @MasivuyeCokile – devpro