【发布时间】:2012-04-17 23:24:26
【问题描述】:
在使用简单的插入命令时遇到了错误
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near 'All In:
The Poker Movie, tells the story of poker focusing on why one of our nat'
at line 2"
基本上将电影信息传递到表格中,这里是代码-
$query1 = "INSERT INTO Films_Info (Films_ID,FilmName, FilmRelease, Synopsis,Poster,CritScore,AudScore,Director,Studio,IMDB,date_added_db)
VALUES ('',$Film_Name', '$Film_Release','$filmsynopsis','$film_image','$film_critic','$film_audience','$film_director','$film_studio','$film_imdbID','')";
$runquery1 = mysql_query($query1)or die(mysql_error());
谢谢大家
【问题讨论】:
-
$Film_Name'这个位缺少我相信的开场白 -
您还应该通过
mysql_real_escape_string()而不是 par-sey 进行任何可能有的 sql 注入,但要转义任何会破坏您的查询的引号等。