Confused by PHP/MySQL concatenation
I have a script like this:
// Paging
$sLimit = "";
if ( isset( $_POST['iDisplayStart'] ) && $_POST['iDisplayLength'] != '-1' )
{
    $sLimit = "LIMIT ".mysql_real_escape_string( $_POST['iDisplayStart'] ).", ".
        mysql_real_escape_string( $_POST['iDisplayLength'] );
}
// Ordering
if ( isset( $_POST['iSortCol_0'] ) )
{
    $sOrder = "ORDER BY ";
    for ( $i=0 ; $i<intval( $_POST['iSortingCols'] ) ; $i++ )
    {
        if ( $_POST[ 'bSortable_'.intval($_POST['iSortCol_'.$i]) ] == "true" )
        {
            $sOrder .= $aColumns[ intval( $_POST['iSortCol_'.$i] ) ]."
                ".mysql_real_escape_string( $_POST['sSortDir_'.$i] ) .", ";
        }
    }
    // Strip the trailing ", "
    $sOrder = substr_replace( $sOrder, "", -2 );
    if ( $sOrder == "ORDER BY" )
    {
        $sOrder = "";
    }
}
$sGroupBy = " GROUP BY A.Range_sampling, A.Lot_no ";
$sQuery = "SELECT SQL_CALC_FOUND_ROWS DATE(A.Inspection_datetime) AS Date, A.Line, A.Model,
    A.Lot_no,A.Range_sampling,COUNT(A.Serial_number) AS Error,B.name AS PIC
    FROM inspection_report A
    LEFT JOIN Employee B
    ON A.NIK=B.NIK
    WHERE CHAR_LENGTH( A.Range_sampling ) < 17
    AND MONTH(A.Inspection_datetime)=MONTH(CURRENT_DATE)" .$sGroupBy.$sOrder.$sLimit; //error
// Note: $sql is not defined in this script (the query text is in $sQuery)
$rResult = mysql_query($sQuery) or _doError(_ERROR30 . ' (<small>' . htmlspecialchars($sql) . '</small>): ' . mysql_error() );
With this script I get the error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '0, 10' at line 7
After adding a space, it shows:
Error message is :: "Error occuered during query execution: (<small></small>): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc LIMIT 0, 10' at line 8";
The full query:
SELECT SQL_CALC_FOUND_ROWS DATE(A.Inspection_datetime) AS Date, A.Line, A.Model, A.Lot_no,A.Range_sampling,COUNT(A.Serial_number) AS Error,B.name AS PIC FROM inspection_report A LEFT JOIN Employee B ON A.NIK=B.NIK WHERE CHAR_LENGTH( A.Range_sampling ) < 17 AND MONTH(A.Inspection_datetime)=MONTH(CURRENT_DATE) GROUP BY A.Range_sampling, A.Lot_no ORDER BY desc LIMIT 0, 10
1 reply
佃蒜狗掂哥
The clause has no field:
Between BY and desc there should be the name of the field to sort by.
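An added example, not part of the original question or answer: one way to build the ORDER BY and LIMIT fragments so that an empty column name can never yield "ORDER BY desc", each fragment carries its own leading space, and the sort direction and LIMIT operands (unquoted SQL, so mysql_real_escape_string does not constrain them) are restricted to an allow-list and integers. The function names buildOrderBy and buildLimit, the $maxRows cap, and the sample $aColumns and $post values are assumptions constructed for illustration.

```php
<?php
// Added example, not the poster's code. $aColumns maps a column index to a
// sortable SQL expression (assumed contents, taken from the SELECT list).
function buildOrderBy(array $post, array $aColumns): string
{
    $parts = [];
    $n = isset($post['iSortingCols']) ? (int) $post['iSortingCols'] : 0;
    for ($i = 0; $i < $n; $i++) {
        if (!isset($post['iSortCol_' . $i])) {
            continue;
        }
        $idx = (int) $post['iSortCol_' . $i];
        // Skip unknown or empty columns: this is what produced "ORDER BY desc".
        if (empty($aColumns[$idx]) || ($post['bSortable_' . $idx] ?? '') !== 'true') {
            continue;
        }
        // The direction is an SQL keyword, not a string literal, so escaping
        // does not constrain it: accept only the two legal values.
        $dir = strtolower((string) ($post['sSortDir_' . $i] ?? '')) === 'desc' ? 'DESC' : 'ASC';
        $parts[] = $aColumns[$idx] . ' ' . $dir;
    }
    // Leading space keeps the fragment separated from GROUP BY.
    return $parts ? ' ORDER BY ' . implode(', ', $parts) : '';
}

function buildLimit(array $post, int $maxRows = 500): string
{
    if (!isset($post['iDisplayStart'], $post['iDisplayLength'])) {
        return '';
    }
    $length = (int) $post['iDisplayLength'];
    if ($length === -1) {
        return ''; // same "no paging" convention as the script above
    }
    // LIMIT operands are unquoted numbers: force integers and clamp them.
    $start = max(0, (int) $post['iDisplayStart']);
    $length = max(1, min($maxRows, $length));
    return ' LIMIT ' . $start . ', ' . $length;
}

// Constructed sample request; column 2 deliberately has no expression.
$aColumns = ['DATE(A.Inspection_datetime)', 'A.Line', '', 'A.Lot_no'];
$post = [
    'iSortingCols' => '2', 'iDisplayStart' => '0', 'iDisplayLength' => '10',
    'iSortCol_0' => '2', 'sSortDir_0' => 'desc', 'bSortable_2' => 'true',
    'iSortCol_1' => '3', 'sSortDir_1' => 'desc', 'bSortable_3' => 'true',
];
echo 'GROUP BY A.Range_sampling, A.Lot_no'
    . buildOrderBy($post, $aColumns) . buildLimit($post), "\n";
```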