这是我的一段代码:
<?php
$store_poster=$_POST['poster'];
$store_title=$_POST['title'];
$store_message=$_POST['message'];
$store_parent=$_POST['parent'];(parent 是个数字,其它的都是字符串)
//check not a duplicate
$conn=mysql_connect('localhost','root','lvliangwei'); mysql_select_db('lvyou', $conn) or die ('Can\'t use lvyou : ' . mysql_error());
$query="select header.postid from header ,body where
header.postid=body.postid and
header.parent=".$store_parent." and
header.poster='".$store_poster."' and
header.title='".$store_title."' and
body.message='".$store_message."'";
$result=mysql_query($query)or die("invalid query: " . mysql_error());
if(!$result){return false;}
$num_rows=mysql_num_rows($result);
在浏览器中运行时出现入下提示:
invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and header.poster= and header.title= and body.message='
这是怎么回事 我的$query语句赋值有错么?
<?php
$store_poster=$_POST['poster'];
$store_title=$_POST['title'];
$store_message=$_POST['message'];
$store_parent=$_POST['parent'];(parent 是个数字,其它的都是字符串)
//check not a duplicate
$conn=mysql_connect('localhost','root','lvliangwei'); mysql_select_db('lvyou', $conn) or die ('Can\'t use lvyou : ' . mysql_error());
$query="select header.postid from header ,body where
header.postid=body.postid and
header.parent=".$store_parent." and
header.poster='".$store_poster."' and
header.title='".$store_title."' and
body.message='".$store_message."'";
$result=mysql_query($query)or die("invalid query: " . mysql_error());
if(!$result){return false;}
$num_rows=mysql_num_rows($result);
在浏览器中运行时出现入下提示:
invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and header.poster= and header.title= and body.message='
这是怎么回事 我的$query语句赋值有错么?
你把那些值給上
值里有特殊字符。
谢谢各位!!!