关于插入函数和POST函数的SQL语法错误

Sorry to be such a bother again, however it seems i am facing a bit of trouble with my coding. For some reason i am presented with the following error:

很抱歉再次这么麻烦,但是我的编码似乎面临着一些麻烦。由于某种原因,我出现以下错误:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' '', 'No Subject', 0, 'Jul 8, 2013 09:33 PM', 0)' at line 1

Whenever i execute the following command:

每当我执行以下命令时:

        $date_posted=date("M j, Y h:i A", TIME());
$sent_to=$_POST["member_id"];
    $sent_by=$_SESSION["member_id"];
    $subject=addslashes($_POST["subject"]);
    if($subject==Null)
    {
        $subject="No Subject";
    }
    $subject=verify_data($subject);

    $message=addslashes($_POST["message"]);
    $message=verify_data($message);


                    $sql="insert into main";
            $sql.="(member_id";
            $sql.=", mail_to";
            $sql.=", mess_text";
            $sql.=", subject";
            $sql.=", deleted";
            $sql.=", date_posted";
            $sql.=", mess_read)";

            $sql.=" values($sent_by";
            $sql.=", $sent_to";
            $sql.=", '$message'";
            $sql.=", '$subject'";
            $sql.=", 0";
            $sql.=", '$date_posted'";
            $sql.=", 0)";
            $result=mysql_query($sql);
            print mysql_error();
if($result)
            {
                            print "<font color='red'>Message sent successfully.</font>";
            }
            else
            {
                            //print "<font color='red'>A system error has happened, be patient.</font>";
            }

If i'm correct, the problem should lie within the coding values or the POST functions themselves, the thing is, i've changed from _POST to HTTP_POST_VARS and it hasn't really been of much help.

如果我是正确的,问题应该在编码值或POST函数本身,问题是,我已经从_POST更改为HTTP_POST_VARS,并没有真正的帮助。

Although i will say that the MYSQL values for mail are as follows:

虽然我会说邮件的MYSQL值如下:

member_id type int(11)
mail_to type int(11)
mess_text type blob
deleted type int(11)
subject type blob
date_posted type varchar(255)
mess_read type int(11)

Result when: echo $sql:

结果时:echo $ sql:

insert into mail(member_id, mail_to, mess_text, subject, deleted, date_posted, mess_read) values(2, , '', 'No Subject', 0, 'Jul 8, 2013 09:43 PM', 0)

If you're able to help me resolve this concern, then it's much appreciated. This community has been of great support not just to beginners like myself, but for experts who sometimes require that little push of effort.

如果你能够帮助我解决这个问题,那么我们非常感激。这个社区不仅为像我这样的初学者提供了很大的支持,也为那些有时需要努力的专家提供了很大的支持。

5 个解决方案

#1

Form elements have to have a name in order to access them on form submit. So in order to use -

表单元素必须具有名称才能在表单提交时访问它们。所以为了使用 -

$sent_to=$_POST["member_id"];

You have to have a element that looks like this -

你必须有一个看起来像这样的元素 -

<input name="member_id" />

It is very common when using JQuery for examples to only include the id -

使用JQuery作为示例仅包含id时非常常见 -

<input type="hidden" id="project-id" />  // from the autocomplete source code example

This works in javascript/JQuery, as you are working with the id, but in php you need to add the name -

这适用于javascript / JQuery,因为你正在使用id,但在php中你需要添加名称 -

<input type="hidden" id="member_id" name="member_id" />

#2

if your $sent_to or $sent_by becomes empty then it will fail. Based on your SQL string you posted it seems $sent_to is empty, either check to make sure this value exist or put single quotes around the value so you can pass an empty value to the database,

如果你的$ sent_to或$ sent_by变空,那么它将失败。基于您发布的SQL字符串,似乎$ sent_to为空,要么检查以确保该值存在,要么在值周围加上单引号,以便您可以将空值传递给数据库,

#3

Here $sent_to is blank so there is a error

check for the $_POST["member_id"] value.

AND

       $sql="insert into main";
        $sql.="(member_id";
        $sql.=", mail_to";
        $sql.=", mess_text";
        $sql.=", subject";
        $sql.=", deleted";
        $sql.=", date_posted";
        $sql.=", mess_read)";

        $sql.=" values($sent_by";
        $sql.=", $sent_to";
        $sql.=", '$message'";
        $sql.=", '$subject'";
        $sql.=", 0";
        $sql.=", '$date_posted'";
        $sql.=", 0)";
        $result=mysql_query($sql);


    TO


    $sql="insert into main";
    $sql.="(member_id";
    $sql.=", mail_to";
    $sql.=", mess_text";
    $sql.=", subject";
    $sql.=", deleted";
    $sql.=", date_posted";
    $sql.=", mess_read)";

    $sql.=" values('$sent_by'";
    $sql.=", '$sent_to'";
    $sql.=", '$message'";
    $sql.=", '$subject'";
    $sql.=", 0";
    $sql.=", '$date_posted'";
    $sql.=", 0)";
    $result=mysql_query($sql);

#4

$sent_to= (isset( $_POST["member_id"]) && $_POST["member_id"] != '') ? $_POST["member_id"] : '';

$ sent_to =(isset($ _POST [“member_id”])&& $ _POST [“member_id”]!='')? $ _POST [“member_id”]:'';

$sent_to= (isset( $_POST["member_id"]) && $_POST["member_id"] != '') ? $_POST["member_id"] : null; // if it accepts null

$ sent_to =(isset($ _POST [“member_id”])&& $ _POST [“member_id”]!='')? $ _POST [“member_id”]:null; //如果它接受null

--edit---

mail_to can accept int

mail_to可以接受int

so,

$sent_to= (isset( $_POST["member_id"]) && $_POST["member_id"] != '') ? $_POST["member_id"] : 0; //it can be zero or any default value you want to be

$ sent_to =(isset($ _POST [“member_id”])&& $ _POST [“member_id”]!='')? $ _POST [“member_id”]:0; //它可以是零或您想要的任何默认值

#5

   <?php
    /*$db_host='localhost';
    $db_user='root';
    $db_pass='';
    $db_name='example';*/

    $dbc = mysql_connect("localhost","root","admin123") or die('Connection to database failed');
    mysql_select_db("example",$dbc);
    //$fname =$_POST['first_name'];
    //$lname =$_POST['last_name'];

    $sql="INSERT INTO table(first_name,last_name) VALUES('Prashant','Bhatta')";

    mysql_query($sql,$dbc) or die (mysql_error());

?>

#1