php SQL语法错误
|
我已尝试以几种方式进行安排,但错误消息几乎保持不变:
15错误检索分数SQL语法错误;在第1行的\'table WHERE id> 15 1 ORDER BY id ASC LIMIT 0,100 \'附近检查与您的MySQL服务器版本相对应的手册以使用正确的语法
我打的电话是
http://myserver.com/get_dbupdates2.php?theid=15
$type = isset($_GET[\'type\']) ? $_GET[\'type\'] : \"global\";
$offset = isset($_GET[\'offset\']) ? $_GET[\'offset\'] : \"0\";
$count = isset($_GET[\'count\']) ? $_GET[\'count\'] : \"100\";
$sort = isset($_GET[\'sort\']) ? $_GET[\'sort\'] : \"id ASC\";
// Localize the GET variables
$udid = isset($_GET[\'udid\']) ? $_GET[\'udid\'] : \"\";
$name = isset($_GET[\'name\']) ? $_GET[\'name\'] : \"\";
$clubname = isset($_GET[\'clubname\']) ? $_GET[\'clubname\'] : \"\";
$theid = isset($_GET[\'theid\']) ? $_GET[\'theid\'] : \"\";
// Protect against sql injections
$type = mysql_real_escape_string($type);
$offset = mysql_real_escape_string($offset);
$count = mysql_real_escape_string($count);
$sort = mysql_real_escape_string($sort);
$udid = mysql_real_escape_string($udid);
$name = mysql_real_escape_string($name);
$clubname = mysql_real_escape_string($clubname);
$theid = mysql_real_escape_string($theid);
echo $theid;
// Build the sql query
//$sql = \"SELECT * FROM $table WHERE \";
$sql = \"SELECT * FROM $table WHERE id>$theid \";
switch($type) {
case \"global\":
$sql .= \"1 \";
break;
case \"device\":
$sql .= \"udid = \'$udid\' \";
break;
case \"name\":
$sql .= \"name = \'$name\' \";
break;
case \"clubname\":
$sql .= \"clubname = \'$clubname\' \";
break;
case \"theid\":
$sql .= \"theid = \'$theid\' \";
break;
}
$sql .= \"ORDER BY $sort \";
$sql .= \"LIMIT $offset,$count \";
$result = mysql_query($sql,$conn);
有人能看到我哪里出问题了吗?
最亲切的问候,
-码
编辑
见这两行
//$sql = \"SELECT * FROM $table WHERE \";
$sql = \"SELECT * FROM $table WHERE id>$theid \";
如果我注释掉底线,而取消注释顶线,则脚本运行正常并返回数据。但是,将其保持不变会产生错误。
所以这让我相信问题与
id>$theid \";
问候
-码
没有找到相关结果
已邀请:
1 个回复
豹芜澈
并且您必须在条件之间定义AND或OR,例如