Php SQL语法。。。。对于在第1行使用near'）VALUES（）'的正确语法

我在试图打开表单时遇到了他的错误

错误：您的SQL语法有错误；检查与MySQL服务器版本对应的手册，以了解第1行“VALUES”附近使用的正确语法

这是文件

<?php
 $con = mysql_connect("localhost","*********","**************");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("**********", $con);


    $sql = "INSERT INTO pc_owner (pcname,pcphone,pccellphone,pcworkphone,pcmake,pcemail,pcaddress,pcaddress2,pcstate,pccity,pczip,pcram,pcproc,pchd,pcserial,pcextra,pcgroupid,custsourceid,prefcontact,pcnotes,)
VALUES (
$_POST[pcname]
$_POST[pcaddress]
$_POST[pcaddress2]
$_POST[pcstate]
$_POST[pccity]
$_POST[pczip]
$_POST[pccellphone] 
$_POST[pcphone]
$_POST[pcworkphone]
$_POST[pcemail]
$_POST[pcmake]
$_POST[pcram]
$_POST[pcproc]
$_POST[pchd]
$_POST[pcserial]
$_POST[pcextra]
$_POST[pcgroupid]
$_POST[prefcontact]
$_POST[pcnotes]
$_POST[custsourceid])";
    if (!mysql_query($sql,$con))
    {
    die('Error: ' . mysql_error());
    }
    $last_insert_pcid = mysql_insert_id();

    $sql = "INSERT INTO pc_wo (pcid, probdesc, virusesfound, custnotes, technotes, dropdate, pickupdate, readydate, pcstatus, called, thepass, custassets, bench, workarea, pcpriority, cityuser, cobyuser, commonproblems, storeid, thesig, assigneduser) VALUES ('$last_insert_pcid','NULL','$_POST[woid]','$_POST[pcid]','$_POST[probdesc]','$_POST[virusesfound]','$_POST[custnotes]','$_POST[technotes]','$_POST[dropdate]','$_POST[pickupdate]','$_POST[readydate]','$_POST[pcstatus]','$_POST[pcstatus]','$_POST[called]','$_POST[thepass]','$_POST[custassets]','$_POST[bench]','$_POST[workarea]','$_POST[pcpriority]','$_POST[cibyuser]','$_POST[cobyuser]','$_POST[commonproblems]','$_POST[storeid]','$_POST[thesig]','$_POST[assigneduser]')";
    if (!mysql_query($sql,$con))
    {
    die('Error: ' . mysql_error());
    }
    $last_insert_woid = mysql_insert_id();

    $result = mysql_query("SELECT * FROM pc_owner WHERE pcid='$last_insert_pcid'");

    $result1 = mysql_query("SELECT * FROM pc_wo WHERE woid='$last_insert_woid'");
    echo "<table border='1'>
    <tr>
    <th>Computer id</th>
    <th>Name</th>
    <th>Phone Number</th>
    <th>Mobile</th>
    <th>Work</th>
    <th>Email</th>
    <th>Address</th>
    <th>Second Line</th>
    <th>State</th>
    <th>City</th>
    <th>Postal Code</th>
    <th>WorkOrder Id</th>
    <th>PC Id</th>
    <th>Pc make</th>
    <th>probdes</th>
    <th>virusesfound</th>
    <th>Ram</th>
    <th>pcprod</th>
    <th>HDD</th>
    <th>Pc Serial No</th>
    <th>Pc Extra</th>
    <th>Pc Note</th>
    <th>custnotes</th>
    <th>technotes</th>
    <th>dropdate</th>
    <th>pickupdate</th>
    <th>readydate</th>
    <th>pcstatus</th>
    <th>called</th>
    <th>thepass</th>
    <th>custassets</th>
    <th>bench</th>
    <th>workarea</th>
    <th>pcpriorty</th>
    <th>Checked in by</th>
    <th>Checked out by</th>
    <th>Common Problems</th>
    <th>Store Id</th>
    <th>Assigned User</th>
    </tr>";
    while($row = mysql_fetch_array($result))
    {
    echo "<tr>";
    echo "<td>" . $row['pcid'] . "</td>";
    echo "<td>" . $row['pcname'] . "</td>";
    echo "<td>" . $row['pcphone'] . "</td>";
    echo "<td>" .$row['pccellphone'] . "</td>";
    echo "<td>" .$row['pcworkphone'] . "</td>";
    echo "<td>" .$row['pcemail'] . "</td>";
    echo "<td>" .$row['pcaddress'] . "</td>";
    echo "<td>" .$row['pcaddress2'] . "</td>";
    echo "<td>" .$row['pcstate'] . "</td>";
    echo "<td>" .$row['pccity'] . "</td>";
    echo "<td>" .$row['pczip'] . "</td>";
    }
    //considering these are the values returned by 1st query (ie., table client)
    while($row = mysql_fetch_array($result1)) {

    echo "<td>" .$row['woid'] . "</td>";
    echo "<td>" .$row['pcid'] . "</td>";
    echo "<td>" .$row['pcmake'] . "</td>";
    echo "<td>" .$row['pcprobdesc'] . "</td>";
    echo "<td>" .$row['virusesfound'] . "</td>";
    echo "<td>" .$row['pcram'] . "</td>";
    echo "<td>" .$row['pcproc'] . "</td>";
    echo "<td>" .$row['pchd'] . "</td>";
    echo "<td>" .$row['pcserial'] . "</td>";
    echo "<td>" .$row['pcextra'] . "</td>";
    echo "<td>" .$row['pcnotes'] . "</td>";
    echo "<td>" .$row['custnotes'] . "</td>";
    echo "<td>" .$row['technotes'] . "</td>";
    echo "<td>" .$row['dropdate'] . "</td>";
    echo "<td>" .$row['pickupdate'] . "</td>";
    echo "<td>" .$row['readydate'] . "</td>";
    echo "<td>" .$row['pcstatus'] . "</td>";
    echo "<td>" .$row['called'] . "</td>";
    echo "<td>" .$row['thepass'] . "</td>";
    echo "<td>" .$row['custassets'] . "</td>";
    echo "<td>" .$row['bench'] . "</td>";
    echo "<td>" .$row['workarea'] . "</td>";
    echo "<td>" .$row['pcpriority'] . "</td>";
    echo "<td>" .$row['cibyuser'] . "</td>";
    echo "<td>" .$row['cobyuser'] . "</td>";
    echo "<td>" .$row['commonproblems'] . "</td>";
    echo "<td>" .$row['storeid'] . "</td>";
    echo "<td>" .$row['thesig'] . "</td>";
    echo "<td>" .$row['assigneduser'] . "</td>";
    echo "</tr>";
    }
    echo "</table>";
    echo "woid is complete";
    print "Thank you for booking with us and your Repair ID number is ".$last_insert_woid;
    mysql_close($con);
    ?>

知道为什么会这样吗？

去掉逗号

... prefcontact,pcnotes,) VALUES ...
                       ^----------here

你需要逗号来分隔你的值

而且，在不转义的情况下，决不能使用输入数据将其放入数据库。

---

请参见

3件事，删除此处多余的逗号$sql=插入pc_所有者pcname、pcphone、pccellphone、pcworkphone、pcmake、pcemail、pcaddress、pcaddress2、pcstate、pccity、pczip、pcram、pcproc、pchd、pcserial、pcextra、pcgroupid、custsourceid、prefcontact、pcnotes、

---

您需要将这些值用引号括起来，后跟逗号，如值“$\u POST[pcname]”、“$\u POST[pcaddress]”、

不需要使用分隔值，请在发布问题之前花一些时间阅读手册花一些时间阅读，否则当有人破坏您的服务器时，不要向我们哭诉。