我正在創建一個存儲過程以將值插入到四個表中。重點在於從SQL中取出SQL以防止SQL注入並更好地定義用戶擁有的權限,即不允許無限制地訪問INSERT
,SELECT
,ALTER
和DELETE
語句,它們僅被允許運行該過程他們需要插入傳遞的變量。但是,如果玩家已經存在,那麼就沒有必要再次添加它(並且考慮到我已經使其獨特),所以不必再添加它(並且不可能)。問題的產生是因爲玩家表和座標表之間存在一對多的關係。帶參數的MySQL條件插入
所以我想要的是一個條件INSERT
來測試值是否已經存在,如果它確實移動到下一個INSERT
聲明。
這裏的存儲過程:
CREATE PROCEDURE `acdb_extended`.`addAlliedMember` (IN accountNumber VARCHAR(255),
IN userName VARCHAR(255), IN serverInitial CHAR(1), IN galaxy TINYINT(2),
IN region TINYINT(2), IN system TINYINT(2), IN astro TINYINT(2), IN level TINYINT(2),
IN allianceName VARCHAR(255))
BEGIN
INSERT INTO player (account_number, username)
VALUES (accountNumber, userName);
INSERT INTO coordinates (player_ID, server_initial, galaxy, region, system, astro)
VALUES ((SELECT player_ID FROM player WHERE username = userName), serverInitial,
galaxy, region, system, astro);
INSERT INTO jumpgate (player_ID, coordinates_ID, level, usable)
VALUES ((SELECT player_ID FROM player WHERE username = userName),
(SELECT c.coordinates_ID FROM coordinates c WHERE c.server_initial = serverInitial
AND c.galaxy = galaxy AND c.region = region AND c.system = system AND c.astro = astro),
level, FALSE);
INSERT INTO relationship (player_ID, ally, alliance_name)
VALUES ((SELECT player_ID FROM player WHERE username = userName),
TRUE, allianceName);
END
我想我需要ON DUPLICATE KEY
但我不能完全弄清楚它的使用。
在此先感謝您的幫助。
您可以用'INSERT ... SELECT'如果你想插入值的參數?你能告訴我一個這樣的例子嗎? – Arcadian 2012-04-06 15:23:35
雙重指什麼?這是表名嗎?或者雙參考參數?我明白'SELECT',但我不太明白你在哪裏指出'FROM'。 – Arcadian 2012-04-06 20:30:56
http://en.wikipedia.org/wiki/DUAL_table – nosid 2012-04-06 20:52:28