开发者

Allow user to submit comment based on (2) tables?

问答 作者:

ERROR on this Php file:

    <?php // Insert Comments into Database that user provides
        //Get values of fields entered
        $comment = $_POST['addComment'];
        $pID4 = filter_var( $_POST['pID'], FILTER_SANITIZE_ST开发者_运维知识库RING );
        $cID = $_POST['prefix'] . $_POST['code'];
    require_once('inc/dbc1.php');
    $pdo4 = new PDO('mysql:host=###;dbname=####', $username, $password);
    $pdo4->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
 /* Error on this line --> */   $sth4 = $pdo4->prepare('INSERT INTO Comment (info, pID, cID) VALUES('$comment',?,?);');
    $sth4->execute(array($comment, $pID4, $cID));  
    ?>

ERROR: syntax error, unexpected T_VARIABLE

From what I can see, the info field is required (i.e. cannot be null) but I can't see where you are setting the $info variable to pass into the prepared statement.

Try restarting mysql in debug mode, which should allow you to get the exact query being run - you can then see if it's a MySQL problem or a PHP problem.

You're not outputting your pID into your form, because of mal-formed string output:

echo "<option>".$row3['prefix']." ".$row3['code']."</option>"; }
echo "</select>
<input type='text' id='addComment' name='addComment' tabindex='3' value='Enter comment' />
<input type='hidden' name='pID' value='<?php echo $pID4; ?>'>
                                       ^^^^^^^^^^^^^^^^^^^^^ here
</form>";

At the point I've indicated, you're still within the double-quoted string for the 'echo' command, so that PHP never gets executed, as it's within the string. What you'll end up with is an HTML tag that looks like

...<input type="hidden' name='pID' value='<?php echo 1234;?>'>...

in the browser, which is not what you want.

You really need to either "break out" of PHP mode, or use HEREDOCs. Either will let you output multi-line text chunks without having to jump through hoops with mixing quoting styles, and also let any decent syntax-highlighting editor catch errors such as this.

$pdo4->prepare('INSERT INTO Comment (info, pID, cID) VALUES('.$comment.',?,?);');

that's wrong. use this:

 $pdo4->prepare('INSERT INTO Comment (info, pID, cID) VALUES(?,?,?);');

继续阅读:php

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9