Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/58.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
SELECT查询中的MySQL语法错误_Mysql_Syntax_Select Query - Fatal编程技术网
Fatal编程技术网
  • mysql/
  • SELECT查询中的MySQL语法错误

SELECT查询中的MySQL语法错误

mysql syntax

SELECT查询中的MySQL语法错误,mysql,syntax,select-query,Mysql,Syntax,Select Query,我的代码: $fileid = $_GET['imgid']; $fileid = (int)$fileid; //id is int type in photos table require 'database.php'; //get the image sourc name $q = "SELECT src form photos WHERE id='$fileid'"; $result = $mysqli->query($q) or die(mysqli_error($mysq

我的代码:

$fileid = $_GET['imgid'];
$fileid = (int)$fileid; //id is int type in photos table

require 'database.php';

//get the image sourc name

$q = "SELECT src form photos WHERE id='$fileid'";
$result = $mysqli->query($q) or die(mysqli_error($mysqli));

if ($result) 
{
    $row = $result->fetch_object();
    $filename = $row->src;
错误:您的SQL语法有错误;检查与您的MySQL服务器版本对应的手册,以了解在第1行“photos WHERE id='12''附近使用正确语法的正确性。尝试:

$q = "SELECT src FROM photos WHERE id='$fileid'";
此外,虽然与此语法错误无关,但请注意,您的代码似乎易受攻击。

在查看第2行之前,它似乎只是易受攻击的。)@上校:哦,你说得对。没有注意到它被转换成
int
@Col。是的,转换成int将防止这种情况发生,无论是出于意外还是出于设计。是的,我的错:)。。。修正了答案。