Reputation: 1
1064:You have an error in your SQL syntax
Is this error SQL injectable? Because personally I'm afraid I don't know how to fix it, and if it is injectable I need to fix it fast.
1064:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' or categoryMark like '%'%' or packageName like '%'%')' at line 1 [ SQL ] : select count(id) as count from microvirt_app_i18n where advertiser = 'google' and color0 and countrycode = 'US' and (name like '%'%' or categoryMark like '%'%' or packageName like '%'%') 错误位置
FILE: /var/www/html/home/ThinkPHP/Library/Think/Db/Driver.class.php LINE: 350 TRACE
#0 /var/www/html/home/ThinkPHP/Library/Think/Db/Driver.class.php(350): E('1064:You have a...')
#1 /var/www/html/home/ThinkPHP/Library/Think/Db/Driver.class.php(180): Think\Db\Driver->error()
#2 /var/www/html/home/ThinkPHP/Library/Think/Model.class.php(1382): Think\Db\Driver->query('select count(id...')
#3 /var/www/html/home/Application/Home/Controller/SearchController.class.php(31): Think\Model->query('select count(id...')
#4 [internal function]: Home\Controller\SearchController->index(''', 'en')
#5 /var/www/html/home/ThinkPHP/Library/Think/App.class.php(171): ReflectionMethod->invokeArgs(Object(Home\Controller\SearchController), Array)
#6 /var/www/html/home/ThinkPHP/Library/Think/App.class.php(110): Think\App::invokeAction(Object(Home\Controller\SearchController), 'index')
#7 /var/www/html/home/ThinkPHP/Library/Think/App.class.php(204): Think\App::exec()
#8 /var/www/html/home/ThinkPHP/Library/Think/Think.class.php(120): Think\App::run()
#9 /var/www/html/home/ThinkPHP/ThinkPHP.php(97): Think\Think::start()
#10 /var/www/html/home/index.php(33): require('/var/www/html/h...')
Upvotes: 0
Views: 486
Reputation: 86716
The error tells you where to look...
%' or categoryMark like '%'%' or packageName like '%'%')
The strings '%'%' have a ' in the middle, which you haven't escaped. Use '%''%' instead (where '' is treated as a literal character, rather than a string terminator).
As for whether it's injectable, any time you substitute strings into queries, it's injectable. Use parameterisation instead.
Upvotes: 2
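The two points in the answer, the unescaped quote that breaks the statement and parameterisation as the fix, side by side as an added example. This is not code from the question, the answer, or ThinkPHP: it runs against an in-memory SQLite table (so it works offline) whose name and columns are taken from the failing query in the question, with constructed sample rows. The quoting rule ('' inside a string literal) and the placeholder mechanics are the same in MySQL with PDO or mysqli prepared statements. It also goes one step past the answer: bound parameters stop a term from altering the SQL, but a % or _ in the term still acts as a LIKE wildcard, so the safe variant escapes those too.

```python
import sqlite3

# Added example, not from the question, answer or ThinkPHP. Table and column
# names come from the failing query in the question; rows are constructed.
BASE_SQL = ("select count(id) as count from microvirt_app_i18n "
            "where advertiser = 'google' and color0 and countrycode = 'US' ")


def make_db() -> sqlite3.Connection:
    """Build an in-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE microvirt_app_i18n (
            id INTEGER PRIMARY KEY,
            advertiser TEXT, color0 INTEGER, countrycode TEXT,
            name TEXT, categoryMark TEXT, packageName TEXT
        );
        INSERT INTO microvirt_app_i18n VALUES
          (1, 'google', 1, 'US', 'Rock ''n'' Roll Radio', 'music', 'com.example.radio'),
          (2, 'google', 1, 'US', 'Chess 100%',            'games', 'com.example.chess'),
          (3, 'google', 1, 'US', 'Notes',                 'tools', 'com.example.notes'),
          (4, 'other',  1, 'US', 'Rock ''n'' Roll Lite',  'music', 'com.example.lite');
    """)
    return conn


def count_unsafe(conn: sqlite3.Connection, term: str) -> int:
    """The pattern behind the question's error: the search term is spliced into
    the SQL text, so a quote inside it changes the statement's structure."""
    sql = BASE_SQL + (f"and (name like '%{term}%' or categoryMark like '%{term}%' "
                      f"or packageName like '%{term}%')")
    return conn.execute(sql).fetchone()[0]


def escape_like(term: str, esc: str = "\\") -> str:
    """Make LIKE treat %, _ and the escape character in the term literally.
    Parameters stop SQL injection; this stops wildcard injection."""
    return (term.replace(esc, esc + esc)
                .replace("%", esc + "%")
                .replace("_", esc + "_"))


def count_safe(conn: sqlite3.Connection, term: str) -> int:
    """Parameterised form: the term travels as a bound value, never as SQL text."""
    pattern = "%" + escape_like(term) + "%"
    sql = BASE_SQL + ("and (name like ? escape '\\' or categoryMark like ? escape '\\' "
                      "or packageName like ? escape '\\')")
    return conn.execute(sql, (pattern, pattern, pattern)).fetchone()[0]


def demo() -> dict:
    """Run both variants on a constructed term that contains single quotes."""
    conn = make_db()
    term = "Rock 'n' Roll"
    results = {}
    try:
        results["unsafe"] = count_unsafe(conn, term)
    except sqlite3.OperationalError as exc:
        # Same class of failure as the 1064 error in the question
        results["unsafe"] = f"error: {exc}"
    results["safe"] = count_safe(conn, term)              # only the google 'Rock 'n' Roll Radio' row
    results["wildcard_raw"] = count_unsafe(conn, "%")     # a bare % matches every google row
    results["wildcard_escaped"] = count_safe(conn, "%")   # escaped: only the row containing a literal %
    results["literal_percent"] = count_safe(conn, "100%") # 'Chess 100%'
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the spliced term the statement no longer parses, exactly as in the question; with placeholders the same term is matched as data and returns the one matching row. The wildcard cases show why the LIKE escape is worth keeping even once the query is parameterised: a raw % from the user matches every row, an escaped one only rows that actually contain a percent sign.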