查询cakephp don'；行不通_Cakephp

查询cakephp don'；行不通

cakephp

查询cakephp don'；行不通,cakephp,Cakephp,我在控制器中有这个查询。它是在数据库中插入数据的简单方法 $this->User->query('INSERT INTO users(CF,phone,username,email,city,firstname,lastname,active,group_id) VALUES ('$CF','$phone','$username','$email','$city','$name','$name','$active','$group_id')'); 这就是模型： <?php A

我在控制器中有这个查询。它是在数据库中插入数据的简单方法

$this->User->query('INSERT INTO users(CF,phone,username,email,city,firstname,lastname,active,group_id) VALUES ('$CF','$phone','$username','$email','$city','$name','$name','$active','$group_id')');

这就是模型：

<?php
App::uses('AppModel', 'Model');
/**
 * User Model
 *
 * @property Group $Group
 * @property User $ParentUser
 * @property User $ChildUser
 * @property Facility $Facility
 * @property ServiceCategory $ServiceCategory
 */
class User extends AppModel {

/**
 * Display field
 *
 * @var string
 */
    public $displayField = 'name';


    //The Associations below have been created with all possible keys, those that are not needed can be removed

/**
 * belongsTo associations
 *
 * @var array
 */


 public $virtualFields = array(
    // 'name' => 'CONCAT(User.lastname, " ", User.firstname)'
    'name' => 'CONCAT(lastname, " ", firstname)'
);


    public $belongsTo = array(
        'Group' => array(
            'className' => 'Group',
            'foreignKey' => 'group_id',
            'conditions' => '',
            'fields' => '',
            'order' => ''
        ), 'Gender'
    );

    public $hasMany = array('Bid');

/**
 * hasAndBelongsToMany associations
 *
 * @var array
 */
    public $hasAndBelongsToMany = array(
        'Facility' => array(
            'className' => 'Facility',
            'joinTable' => 'facilities_users',
            'foreignKey' => 'user_id',
            'associationForeignKey' => 'facility_id',
            'unique' => 'keepExisting',
            'conditions' => '',
            'fields' => '',
            'order' => '',
            'limit' => '',
            'offset' => '',
            'finderQuery' => '',
        ),
        'ServiceCategory' => array(
            'className' => 'ServiceCategory',
            'joinTable' => 'service_categories_users',
            'foreignKey' => 'user_id',
            'associationForeignKey' => 'service_category_id',
            'unique' => 'keepExisting',
            'conditions' => '',
            'fields' => '',
            'order' => '',
            'limit' => '',
            'offset' => '',
            'finderQuery' => '',
        )
    );

}

最可能的问题是调试级别为0（这意味着它不会显示实际错误是什么）。尝试在config/core.php
中将debug更改为2，然后再次运行该文件
如果不是这样的话，如果在.php
文件（Controller/Model/Component/.etc.）中关闭？>
标记后有一些空格，有时可能会出现空白页。查看文件的结尾，去掉任何不必要的关闭？>
标记（不需要关闭php文件中的php标记）.
最可能的问题是调试级别为0（这意味着它不会显示实际错误是什么）。尝试在config/core.php
中将debug更改为2，然后再次运行该文件
如果不是这样的话，如果在.php
文件（Controller/Model/Component/.etc.）中关闭？>
标记后有一些空格，有时可能会出现空白页。查看文件的结尾，去掉任何不必要的关闭？>
标记（不需要关闭php文件中的php标记）.
在使用带有华丽ORM的框架时，为什么要这样插入。您的解决方案为SQL注入打开了应用程序
用正确的方法做
$data = array(
    'CF' => $CF,
    'phone' => $phone,
    'username' => $username,
    'email' => $email,
    'city' => $city,
    'name' => $name,
    'active' => $active,
    'group_id' => $group_id
);

$this->User->create();
$this->User->save($data);

在使用带有华丽ORM的框架时，为什么要这样插入。您的解决方案为SQL注入打开了应用程序
用正确的方法做
$data = array(
    'CF' => $CF,
    'phone' => $phone,
    'username' => $username,
    'email' => $email,
    'city' => $city,
    'name' => $name,
    'active' => $active,
    'group_id' => $group_id
);

$this->User->create();
$this->User->save($data);