我一直致力于一个旨在成为Nintendo 3DS数据库的自我项目。但是,在插入部分,它会出现以下错误。
“您的SQL语法有错误;请查看与您的MySQL服务器版本对应的手册,以便在第1行附近使用正确的语法”
我检查了所有被请求的文件,而且所有这些文件都没有。
以下是代码:
addgame.php
<?php
require 'connect.php';
require 'phpqrcode/qrlib.php';
$c = connectDB();
define('IMAGE_WIDTH',200);
define('IMAGE_HEIGHT',200);
$boxDir = "../boxdb/";
$name = $_POST['name'];
$link = $_POST['link'];
$desc = $_POST['description'];
$rel = $_POST['releaseDate'];
$reg = $_POST['region'];
$gen = $_POST['genre'];
$box = $_FILES['box']['name'];
$temp_box = $_FILES['box']['tmp_name'];
$qrName = '../qrdb/' . $name . '.png';
$qr = QRcode::png($link, $qrName);
move_uploaded_file($temp_box, $boxDir.$box);
if(!empty($reg) and is_array($reg)) {
$regArr = implode(' , ',$reg);
}
if(!empty($gen) and is_array($gen)) {
$genArr = implode(' , ',$gen);
}
$ins = mysqli_query($c,"INSERT INTO db(gameName,ciaLink,gameDesc, releaseDate, region, genre, gameBox,qr) VALUES('$name','$link','$desc','$rel','$regArr','$genArr','$temp_box','$qr'");
if($ins){
echo 'OK';
}
else{
echo mysqli_error($c);
}
?>
homereg.php
<form action="../libs/addGame.php" method="POST" enctype="multipart/form-data">
<div class="form-group">
<label for="gameName">Name of the Game</label>
<input type="text" class="form-control" name="name" id="gameName" placeholder="Ex.: Super Mario 3D Land...">
</div>
<div class="form-group">
<label for="gameName">Direct Download Game Link (for Google Drive, use <a href="https://sites.google.com/site/gdocs2direct/" target="_blank">this</a>)</label>
<input type="text" class="form-control" name="link" id="gameName" placeholder="Ex.: https://example.com/gamename.cia">
</div>
<div class="form-group">
<label for="gameDesc">Description</label>
<textarea class="form-control" name="description" id="gameDesc" placeholder="Game Description" rows="3"></textarea>
</div>
<div class="form-group">
<label for="gameDate">Release Date</label>
<input type="date" class="form-control" name="releaseDate" id="gameDate" placeholder="Release Date">
</div>
<div class="form-group">
<label>Regions where game was released</label>
<select multiple class="form-control" id="gameGen" name="region[]">
<option value="EUR">EUR</option>
<option value="JPN">JPN</option>
<option value="USA">USA</option>
</select>
</div>
<div class="form-group">
<label for="gameGen">Genre - You can select more than one if applies</label>
<select multiple class="form-control" id="gameGen" name="genre[]">
<option value="Action">Action</option>
<option value="Adventure">Adventure</option>
<option value="RPG">RPG</option>
<option value="Sports">Sports</option>
</select>
</div>
<div class="form-group">
<label for="gameBox">Game box image</label>
<input type="file" class="form-control-file" name="box" id="gameBox">
</div>
<input type="submit" class="btn btn-primary mb-2" value="Add">
</form>
connect.php
<?php
define("HOST","localhost");
define("USER","root");
define("PASS","");
define("DB","3ds");
function connectDB(){
$c = mysqli_connect(HOST,USER,PASS,DB);
return $c;
}
?>
什么可能是错的?如果它有帮助,我使用WampServer64 3.1.4在Windows 7上。
我发现了我的错误,在$ ins查询中我关闭了值内的插入而没有关闭查询。 Ps。:这是@Jens提到的带有预备语句的更正代码:
addGame.php
<?php
require 'connect.php';
require 'phpqrcode/qrlib.php';
$c = connectDB();
define('IMAGE_WIDTH',200);
define('IMAGE_HEIGHT',200);
$boxDir = "../boxdb/";
$name = $_POST['name'];
$link = $_POST['link'];
$desc = $_POST['description'];
$rel = $_POST['releaseDate'];
$reg = $_POST['region'];
$gen = $_POST['genre'];
$box = $_FILES['box']['name'];
$temp_box = $_FILES['box']['tmp_name'];
$qrFolder = '../qrdb/' . $name . '.png';
$qr = QRcode::png($link, $qrFolder);
$qrName = $name . '.png';
move_uploaded_file($temp_box, $boxDir.$box);
if(!empty($reg) and is_array($reg)) {
$regArr = implode(' , ',$reg);
}
if(!empty($gen) and is_array($gen)) {
$genArr = implode(' , ',$gen);
}
$stmt = $c->prepare("INSERT INTO db(gameName,ciaLink,gameDesc, releaseDate, region, genre, gameBox,qr) VALUES(?,?,?,?,?,?,?,?)");
$stmt->bind_param("ssssssss",$name,$link,$desc,$rel,$regArr,$genArr,$box,$qrName);
$stmt->execute();
echo "New game added successfully";
$stmt->close();
$c->close();
?>
多谢你们!