这是我的php code.Browser正在生成警告,当我试图执行代码时。在查询中放置字符串时出现解析错误
<?php
include("config.inc.php");
$link = mysql_connect('localhost', 'root', '')
or die('Could not connect: ' . mysql_error());
echo 'Connected successfully';
mysql_select_db('lookup') or die('Could not select database');
$query = 'SELECT airport_id FROM airport';
$result = mysql_query($query) or die('Query failed: ' . mysql_error());
echo "<table>\n";
while ($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo "\t<tr>\n";
foreach ($line as $col_value)
{
echo "\t\t<td>$col_value</td>\n";
$query1= 'SELECT distinct c.airport_ident,c.star_ident,c.fix_ident from corept.std_star_leg c
INNER JOIN
(SELECT star_ident,transition_ident,max(sequence_num) seq,route_type
FROM corept.std_star_leg
WHERE data_supplier='J' AND airport_ident='$col_value'
GROUP BY star_ident,transition_ident)b
ON c.sequence_num=b.seq AND c.star_ident=b.star_ident AND c.transition_ident=b.transition_ident
WHERE c.data_supplier='J' AND c.airport_ident='$col_value' AND
NOT EXISTS
(SELECT name,trans FROM skyplan_deploy.deploy_stars d
WHERE d.apt=$col_value AND d.name!=d.trans
AND c.star_ident=d.name and c.fix_ident=d.trans)
UNION
SELECT apt,name,trans FROM skyplan_deploy.deploy_stars d WHERE apt='$col_value' AND name!=trans
AND
NOT EXISTS
(SELECT distinct c.star_ident,c.fix_ident from corept.std_star_leg c
INNER JOIN
(SELECT star_ident,transition_ident,max(sequence_num) seq,route_type FROM corept.std_star_leg
WHERE data_supplier='J' AND airport_ident='$col_value'
GROUP BY star_ident,transition_ident)b
ON c.sequence_num=b.seq AND c.star_ident=b.star_ident AND c.transition_ident=b.transition_ident
WHERE c.data_supplier='J' AND c.airport_ident=$col_value AND d.name=c.star_ident AND d.trans=c.fix_ident)';
$result1 = mysql_query($query1) or die('Query failed: ' . mysql_error());
while ($line1 = mysql_fetch_array($result1, MYSQL_ASSOC))
{
echo "\t<tr>\n";
foreach ($line as $col_value)
{
echo "\t\t<td>$col_value</td>\n";
echo "\t</tr>\n";
}
}
echo "\t</tr>\n";
}}
echo "</table>\n";
mysql_free_result($result);
mysql_close($link);
?>
当我试图执行上面的代码是在生成22行,其中i包括$ col_value到我query.Please帮我纠正你it.Thank警告。
+1提的SQL注入攻击。 – 2013-04-04 06:54:18