我遇到了更新包含HTML数据的我的MySQL数据的问题,我不断修正错误;但是,一旦一个错误得到解决,就会给出另一个错误。当前的错误如下:PHP包含关键字/保留字的MySQL查询
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc='Live updates to certain games will also be posted on this website througho' at line 1
我一直在清除堆栈溢出了近3天没有任何明确的答案。所以我希望有人能找到这个!
这里是我的PHP表单代码:
if (isset($_POST['submit'])) {
$WName = mysql_prep($_POST['wname']);
$SName = mysql_prep($_POST['sname']);
$Desc = mysql_prep($_POST['desc']);
$LogoURL = mysql_prep($_POST['logourl']);
$aboutPage = mysql_prep($_POST['aboutpage']);
$query = "UPDATE settings SET name='$WName',subName='$SName',desc='$Desc',logoUrl='$LogoURL',about='$aboutPage'";
// $query = mysql_prep($query);
mysql_query($query) or die(mysql_error());
header("Location: settings.php?=success");
}
功能
mysql_prep()可以在互联网,即在这里找到: https://gist.github.com/ZachMoreno/1504031
下面是HTML表单:
<form role="form" action="" method="post">
<!-- text input -->
<div class="form-group">
<label>Website Name</label>
<input type="text" name="wname" class="form-control" placeholder="
<?php echo $row['name']; ?>" value="
<?php echo $row['name']; ?>" />
</div>
<div class="form-group">
<label>Sub Name</label>
<input type="text" name="sname" class="form-control" placeholder="
<?php echo $row['subName']; ?>" value="
<?php echo $row['subName']; ?>" />
</div>
<div class="form-group">
<label>Description</label>
<textarea name="desc" class="form-control" rows="3" placeholder="
<?php echo $row['desc']; ?>" >
<?php echo $row['desc']; ?>
</textarea>
</div>
<div class="form-group">
<label>Logo URL</label>
<input type="text" name="logourl" class="form-control" placeholder="
<?php echo $row['logoUrl']; ?>" value="
<?php echo $row['logoUrl']; ?>" />
</div>
<div class="form-group">
<label>About Page</label>
<textarea class="form-control" name="aboutpage" rows="6" placeholder="
<?php echo $row['about']; ?>">
<?php echo $row['about']; ?>
</textarea>
</div>
<div class="box-footer">
<input type="submit" name="submit" class="btn btn-primary" value="Submit" style="margin-left:-10px;" />
</div>
</form>
谢谢非常希望你能提供任何帮助,我希望能够解决这个问题,并且我的目标是用来帮助未来的访问者相同/相似的问题。
应该使用mysqli_函数和mysqli_real_escape_string()函数,而不是旧的,不推荐使用的mysql_函数。 – SyntaxLAMP
你可以var_dump($ query)'并发布结果 – MaggsWeb
如何使用'htmlspecialchars()'和'mysqli_real_escape_string()'? – Thamilan