我收到此错误“未处理的异常”。
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'update, desc, indir, time) VALUES(?, ?, ?, ?, ?, ?, ?, 1392556810)' at line 1
每当我提交表格时。这是源代码
if(!is_admin())
{
header("Location: $config->url");
exit;
}
$cid = intval($_GET['id']);
if($_GET['act'] == 'add')
{
$db->bind(id,$cid);
$file = $db->row("SELECT * FROM `".PREFIX."category` WHERE `id`=:id");
if(!$file)
{
$file = new stdClass();
$file->path = "/files";
}
if(!is_dir("..".$file->path))
{
header("Location: $config->url");
exit;
}
if($_POST['save'])
{
$name=$_POST['name'];
$icon=$_POST['icon'];
if($db->count("SELECT COUNT(id) FROM `".PREFIX."category` WHERE `path` = '".$file->path."/".$name."'") == 0)
{
$path=''.$file->path.'/'.$name.'';
$desc=$_POST['desc'];
if(isset($_POST['new']))
$new=1;
else
$new=0;
if(isset($_POST['update']))
$update=1;
else
$update=0;
$time=time();
$insert=$db->query("INSERT INTO ".PREFIX."category(name, path, icon, new, update, desc, indir, time) VALUES(:name, :path, :icon, :new, :update, :desc, :id, $time)", array("name"=>"$name","icon"=>"$icon","new"=>"$new","update"=>"$update","path"=>"$path","id"=>"$cid","desc"=>"$desc"));
if($insert>0)
{
mkdir("..".$file->path."/".$name,0777);
header("Location: $config->url/cat/".$cid."/'".htmli(converturl($file->name)).".html");
}
}
echo 'already exixs';
}
else
echo '<form method="post" action="#">Name : <input type="text" name="name" /><br/>Description : <input type="text" name="desc" /><br/>Icon : <input type="text" name="icon" /><br/><input type="radio" name="new" value="1" /> New<br/><input type="radio" name="update" value="1" /> Update<br/><br/><input type="submit" name="save" value="Add" /></form>';
}
最佳答案
这是您的插入语句:
INSERT INTO ".PREFIX."category(name, path, icon, new, update, desc, indir, time)
VALUES(:name, :path, :icon, :new, :update, :desc, :id, $time)
一些列名是 MySQL 中的保留字。你需要逃离他们:
INSERT INTO ".PREFIX."category(name, path, icon, `new`, `update`, `desc`, indir, `time`)
VALUES(:name, :path, :icon, :new, :update, :desc, :id, $time);
保留字列表为here .
一般来说,您应该避免使用这些词作为标识符。它们已经在 MySQL 中用于其他目的。但是,如果你必须使用它们,那么你每次都需要逃避它们。 (注意:我还转义了“time”。您会注意到保留字列表的末尾有一些是允许的,因为它们非常常用。但是 time 是名称既是类型又是函数,因此也应该保留。)
关于MySQL 错误 "right syntax to use near ' 更新”,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21811820/