2012-06-27 236 views
0

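I get an error when inserting an array into the database. Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'visiting students should consult the students should refer to the relevant section' at line 23. Saving an array to the database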

Here is the array:

array 
'Choose by Subject Category or Module Code' => string '' (length=0) 
' 
Back to Home page' => string '' (length=0) 
'International' => string 'visiting students should consult the' (length=36) 
'Undergraduate' => string 'students should refer to the relevant section of the UCC' (length=56) 
'Postgraduate' => string 'students should refer to the relevant section of the UCC' (length=56) 
'Credit Weighting' => string '5' (length=1) 
'Teaching Period(s)' => string 'Teaching Period 1.' (length=18) 
'No. of Students' => string 'Min 15, Max 30.' (length=15) 
'Pre-requisite(s)' => string 'None' (length=4) 
'Co-requisite(s)' => string 'None' (length=4) 
'Teaching Methods' => string '1 x 4hr(s) Lectures; Other (Distance Education Module - Up to 146hrs Self Directed Study).' (length=90) 
'Module Co-ordinator' => string 'Dr Peter Cleary, Department of Accounting, Finance and Information Systems.' (length=75) 
'Lecturer(s)' => string 'Staff, Department of Accounting, Finance and Information Systems.' (length=65) 
'Module Objective' => string 'To examine the management uses of accounting information and to enhance students ability to exert effective managerial control.' (length=127) 
'Module Content' => string 'Topics include; the accounting information needs of management, costs and pricing; estimating costs; the identification of key performance indicators; budgeting for control; capital investment appraisal and implications for strategic planning and control.' (length=256) 
'Learning Outcomes' => string 'On successful completion of this module, students should be able to:' (length=68) 
'Assessment' => string 'Total Marks 100: Continuous Assessment 100 marks (Project/ Essay. Approximately 1500 words.).' (length=93) 
'Compulsory Elements' => string 'Continuous Assessment.' (length=22) 
'Penalties (for late submission of Course/Project Work etc.)' => string 'Where work is submitted up to and including 7 days late, 10% of the total marks available shall be deducted from the mark achieved. Where work is submitted up to and including 14 days late, 20% of the total marks available shall be deducted from the mark achieved. Work submitted 15 days late or more shall be assigned a mark of zero.' (length=336) 
'Pass Standard and any Special Requirements for Passing Module' => string '40%.' (length=4) 
'End of Year Written Examination Profile' => string 'No End of Year Written Examination.' (length=35) 
'Requirements for Supplemental Examination' => string 'Marks in passed element(s) of Continuous Assessment are carried forward, Failed element(s) of Continuous Assessment must be repeated (Resubmission of revised Continuous Assessment).' (length=181) 

Below is the query.

//============== INSERT QUERY================// 
$result = array();  
foreach($result as $snode){ 
$query = sprintf("INSERT INTO save_array 
     (ModuleCode, 
     Homepage, 
     International, 
     ......) VALUES ('%s')",mysql_real_escape_string($snode)); 


foreach ($result as $key => $value) 
$query = $query . "$value"; 

echo '<br /><br />'; 
mysql_query($query) or die($query."<br/><br/>".mysql_error()); 
echo $snode. '<br />'; 
} 
echo '<br /><br /><br />'; 

Any help would be much appreciated; I'm scratching my head.

//================== New Updated Query Using Mysqli ============================= 

$result = array(); 
foreach($result as $snode){ 
$snode = mysql_real_escape_string($snode); 
$query = sprintf("INSERT INTO save_array 
     (ModuleCode,Homepage,International,.......)VALUES ('%s')",implode("','",$result)); 

echo $query. '<br />'; 

foreach ($result as $key => $value) 
    $query = $query . "$value"; 
$result = mysql_query($query) or die (mysql_error()); 
} 

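I echoed the query, and it seems the right values are being inserted into the right columns, but it is not being executed into the database.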

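Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'visiting students should consult the students should refer to the relevant section' at line 23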

+0

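Please don't use `mysql_*` functions in new code. They are no longer maintained and the community has begun the [deprecation process](http://goo.gl/KJveJ). See the [**red box**](http://goo.gl/GPmFd)? Instead you should learn about [prepared statements](http://goo.gl/vn8zQ) and use either [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli). If you can't decide, [this article](http://goo.gl/3gqF9) will help you choose. If you care to learn, [here is a good PDO tutorial](http://goo.gl/vFWnC). –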

+0

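OK, I'm just learning PHP, so I'm not very familiar with the old code versus the new code. If I decide to use MySQLi, does that mean I have to change all the PHP scripts I have written to work with MySQLi, or how does that work? I'll take a look at PDO and see what I can get from it. – user1444442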

+0

Could you add the resulting query to your question? Don't use mysqli until the first problem is solved. –

Answers

1

You are trying to save to multiple columns:

ModuleCode, 
Homepage, 
International, 
Undergraduate, 
... 

with a single value ('%s')

Also note that mysql_real_escape_string expects a value, not an array (I assume $snode is an array). Also consider using PDO/mysqli.

You could do something like this (just an example, since I don't know the structure of $snode) and check the output:

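// escape every value in place; $val is a reference into $snode
foreach($snode as &$val) { 
    $val = mysql_real_escape_string($val); 
} 
unset($val); // drop the reference left over from the loop
...VALUES ('%s')", implode("','", $snode)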

Update:

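I can't find a problem; the query should work. I even created the table structure on my system (assuming VARCHAR(256) for every column) and the query output worked (inserted) as expected.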

$result = array(); 
foreach($result as $snode) { 

    foreach($snode as &$val) { 
     $val = mysql_real_escape_string($val); 
    } 

    $query = sprintf("INSERT INTO save_array (
     ModuleCode,Homepage,International,Undergraduate,Postgraduate,CreditWeighting, 
     TeachingPeriod,NoofStudents,Prerequisite,Corequisite,TeachingMethods, 
     ModuleCoordinator,Lecturer,ModuleObjective,ModuleContent,LearningOutcomes, 
     Assessment,CompulsoryElements,Penalties,PassStandard, 
     EndofYearWrittenExamination,RequirementsforExamination) 
     VALUES ('%s')",implode("','",$snode)); 

    $result = mysql_query($query) or die (mysql_error()); 
} 

Run the above snippet as it is; don't change anything.

+0

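Hey, sorry. I updated my code using mysqli and it seems to put the right values into the right columns, but it doesn't save it to the database. Not sure what I'm doing wrong? – user1444442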

+0

I tried your approach and I'm getting the same result that I was getting from @Jack's approach :( – user1444442

+0

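Are any errors thrown with error_reporting(E_ALL); at the top of the script? Bring 'em all (just to be safe). Also, I see you changed to mysqli_*. Is that your only change? What about the connector, mysqli_connect? Stick with mysql_* until the problem is solved and then upgrade (to minimize noise distracting from the real problem). – 2012-06-27 11:39:37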

1

Echo your $query and you will see. It is not a valid SQL statement.

Rules number 1, 2 and 3 for debugging dynamic queries: look at the query itself.

+1

No, those are rules number 2, 3 and 4. #1 is not to use `mysql_*`. –

+0

I echoed my query and it seems to put the right values into the right columns, but it is still not saving to the database. – user1444442

0

Your main problem is the quotes:

('%s') 

And then you:

mysql_real_escape_string 

It is causing your SQL to conflict. Use either the MySQL escape or the '.

So what is happening is that you are double-escaping your SQL input, which is causing it to actually SQL-inject itself...

Also, mysql_real_escape_string will not take $snode as an array. You will need to foreach over the array, building an array to inject into the SQL query.

0

Assuming your array $node is in the same order as the columns you have shown, you can use vsprintf() instead to generate the resulting query:

// assuming $node is the array with the data 
// generate list of place holders 
$placeholders = join(',', array_fill(0, count($node), "'%s'")); 

// construct full query using array_map applied to the escaping function 
$query = vsprintf("INSERT INTO save_array (ModuleCode, 
     Homepage, 
     International, 
     Undergraduate, 
     Postgraduate, 
     CreditWeighting, 
     TeachingPeriod, 
     NoofStudents, 
     Prerequisite, 
     Corequisite, 
     TeachingMethods, 
     ModuleCoordinator, 
     Lecturer, 
     ModuleObjective, 
     ModuleContent, 
     LearningOutcomes, 
     Assessment, 
     CompulsoryElements, 
     Penalties, 
     PassStandard, 
     EndofYearWrittenExamination, 
     RequirementsforExamination) VALUES ($placeholders)", 
      array_map('mysql_real_escape_string', $node) 
); 

By the way, don't use the mysql_ functions!
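The prepared-statement approach recommended in the comments, as an added example that is not code from any poster on this page: values are bound as parameters instead of being escaped and spliced into the SQL string, and column names come from a fixed allow-list rather than from the scraped array keys. The `COLUMN_MAP` constant, the `insertModule()` helper, the five-column subset of `save_array`, the in-memory SQLite connection and the sample row are assumptions made for illustration.

```php
<?php
// Added example: allow-list of scraped label => column name (a subset of the
// columns named on this page). Identifiers cannot be bound as parameters,
// so they come only from this fixed map, never from the input array.
const COLUMN_MAP = [
    'International'    => 'International',
    'Undergraduate'    => 'Undergraduate',
    'Credit Weighting' => 'CreditWeighting',
    'No. of Students'  => 'NoofStudents',
    'Module Objective' => 'ModuleObjective',
];

function insertModule(PDO $pdo, array $row): int
{
    $columns = [];
    $values  = [];
    foreach (COLUMN_MAP as $label => $column) {
        $columns[] = $column;
        // A missing label becomes NULL instead of shifting later values left.
        $values[]  = array_key_exists($label, $row) ? (string) $row[$label] : null;
    }
    // One "?" per column, so column and value counts can never disagree.
    $marks = implode(',', array_fill(0, count($columns), '?'));
    $sql   = sprintf('INSERT INTO save_array (%s) VALUES (%s)',
                     implode(',', $columns), $marks);
    $stmt = $pdo->prepare($sql);
    $stmt->execute($values);   // values travel separately from the SQL text
    return $stmt->rowCount();
}

// Assumption: in-memory SQLite so the example runs offline; for MySQL use a
// DSN such as 'mysql:host=...;dbname=...;charset=utf8mb4' instead.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE save_array (International TEXT, Undergraduate TEXT,
            CreditWeighting TEXT, NoofStudents TEXT, ModuleObjective TEXT)');

// Constructed sample row in the shape of the dump above; the apostrophe and
// the unmapped key are deliberate.
$row = [
    'Back to Home page' => '',
    'International'     => 'visiting students should consult the',
    'Credit Weighting'  => '5',
    'No. of Students'   => 'Min 15, Max 30.',
    'Module Objective'  => "To enhance students' ability to exert control.",
];

echo insertModule($pdo, $row), " row inserted\n";
print_r($pdo->query('SELECT * FROM save_array')->fetch(PDO::FETCH_ASSOC));
```

With `PDO::ERRMODE_EXCEPTION` set, a failed insert raises an exception carrying the driver's error message, so a statement that builds correctly but does not execute cannot pass silently.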