Php 无法形成正确的字符串
我有下面的代码来创建sql查询Php 无法形成正确的字符串,php,string,Php,String,我有下面的代码来创建sql查询 $sql= '(SELECT ticket_id,message,created,2 from '.TICKET_MESSAGE_TABLE.' msg where msg.ticket_id ='.db_input($id).' ) UNION (SELECT ticket_id,response,created,1 from '.TICKET_RESPONSE_TABLE.' resp where resp.ticket_id= '.db_input($id)
$sql= '(SELECT ticket_id,message,created,2 from '.TICKET_MESSAGE_TABLE.' msg where msg.ticket_id ='.db_input($id).' ) UNION (SELECT ticket_id,response,created,1 from '.TICKET_RESPONSE_TABLE.' resp where resp.ticket_id= '.db_input($id).' )UNION (SELECT ticket_id,note,created,3 FROM '.TICKET_NOTE-TABLE .' note WHERE note.ticket_id='.db_input($id).' ) order by created';
echo "sql: ".$sql;
当我运行这个时,我得到
sql: 0 note WHERE note.ticket_id=2 ) order by created
任何人都可以解释0是从哪里来的以及为什么字符串的格式不正确
谢谢
票务记录表
如果您以某种理智的方式包装您的输入,这将更容易发现:)
此外,我希望有db\u input()
函数来防止。我希望它能得到很好的实施。(我认为使用起来更容易、更清晰。)
$sql= '(SELECT ticket_id,message,created,2 from '.TICKET_MESSAGE_TABLE.
' msg where msg.ticket_id ='.db_input($id).
' ) UNION (SELECT ticket_id,response,created,1 from '.TICKET_RESPONSE_TABLE.
' resp where resp.ticket_id= '.db_input($id).
' )UNION (SELECT ticket_id,note,created,3 FROM '.TICKET_NOTE-TABLE .
' note WHERE note.ticket_id='.db_input($id).
' ) order by created';
echo "sql: ".$sql;