1. 首页
  2. 问答
  3. SQL错误:查询空

SQL错误:查询空

2011-09-03 124 views
0 
mysql_select_db("musicDB", $con); 

$sql = mysql_query("INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', '$_POST[dob]', sha1('$_POST[password]'), '$_POST[occupation]', '$_POST[genre]')"); 

if (!mysql_query($sql,$con)) 
{ 
    die('Error: ' . mysql_error()); 
} 
echo "1 record added"; 
?>

我新的PHP和我得到这个SQL错误:SQL错误:查询空

The query is empty.

我在做什么错?

来源

2011-09-03 michelle

+2

欢迎SQLI ...阅读[SQL注入](http://php.net/manual/en/security.database.sql-injection.php) – genesis

回答

0

宣布串查询变量时,不使用$sql = mysql_query(...);只是简单$sql = "...";,它应该正常工作

来源

2011-09-03 09:44:56

1 
$sql = mysql_query("INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', '$_POST[dob]', sha1('$_POST[password]'), '$_POST[occupation]', '$_POST[genre]')"); 

if (!sql) 
{

是正确的。你试图做

if(!mysql_query(mysql_query("...."))) 
{

来源

2011-09-03 09:48:18 genesis

1 
mysql_select_db("musicDB", $con); 

// that's dirty but at least something to protect that silly code 
$_POST['password'] = sha1($_POST['password'].$_POST['username']); 
foreach($_POST as $key => $value) $_POST[$key] = mysql_real_escape_string($value); 

$sql = "INSERT INTO Users (username, fname, lname, email, dob, password, occupation, genre) 
     VALUES ('$_POST[username]', '$_POST[fname]', '$_POST[lname]', '$_POST[email]', 
       '$_POST[dob]', '$_POST[password]', '$_POST[occupation]', '$_POST[genre]')"); 

if (!mysql_query($sql,$con)) 
{ 
    trigger_error(mysql_error()." ".$sql); 
} else { 
    echo "1 record added"; 
} 
?>

来源

2011-09-03 09:52:07

相关问题

 相关问题