PHP ORACLE Select ORA-00933 SQL command not properly ended


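I keep getting an ORA-00933 error in a query that uses Ajax to create a CSV file. I am getting the CSV back, but it always contains the ORA-00933 error. I will post the PHP code that causes the error below, followed by the error. Thanks for your help.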

<?php
$rangeD_Echo = $_POST["rangeD"];
$year_Echo = $_POST["year"];

$yearTruncation =  substr($year_Echo, 2);
$yearTruncationMinusOne = $yearTruncation-1;
$Start = '1-Oct-'.$yearTruncationMinusOne;
$End = '30-Sep-'.$yearTruncation;

if ($rangeD_Echo == 'Annual')
{
    $Start = '1-Oct-'.$yearTruncationMinusOne;
    $End = '30-Sep-'.$yearTruncation;
}
else if ($rangeD_Echo == 'Q1 FY')
{
    $Start = '1-Oct-'.$yearTruncationMinusOne;
    $End = '31-Dec-'.$yearTruncationMinusOne;   
}
else if ($rangeD_Echo == 'Q2 FY')
{
    $Start = '1-Jan-'.$yearTruncation;
    $End = '31-Mar-'.$yearTruncation;
}
else if ($rangeD_Echo == 'Q3 FY')
{
    $Start = '1-Apr-'.$yearTruncation;
    $End = '30-Jun-'.$yearTruncation;   
}
else if ($rangeD_Echo == 'Q4 FY')
{
    $Start = '1-Jul-'.$yearTruncation;
    $End = '30-Sep-'.$yearTruncation;
}


$Start = settype($Start, 'string');
$End = settype($End, 'string');
/*** CSV File Creation Land ***/
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment; filename=d-Report.csv');

$output = fopen('php://output', 'w');

fputcsv($output, array('Week Ending', 'No', 'Project Title', 'Project Contact', 
                       'Org', 'SNo', 'NNo', 'Verified By', 'Date Verified', 
                       'Comments', 'Notes'));

/*** connect to SQL DB ***/
$dbe = get_db_connection('db');
$dbe->connect();
/*** connect to ORACLE DB ***/
$db = oci_connect('QUERY','pw','server:1521/view');
if (!$db){
  $e = oci_error();
  trigger_error(htmlentities($e['message'], ENT_QUOTES), E_USER_ERROR);
} 

$query = "SELECT * FROM dbo.dbview
          WHERE (STATUS = 'ACTIVE' OR STATUS = 'CLOSED')
            AND PNUMBER <>' '
            AND AMENDMENT_DATE_CREATED BETWEEN TO_DATE(:startT, dd-mm-yy) AND TO_DATE(:doneT, dd-mm-yy)
          ORDER BY AMENDMENT_DATE_CREATED DESC";
$runQuery = oci_parse($db, $query);
oci_bind_by_name($runQuery, ":startT", $Start);
oci_bind_by_name($runQuery, ":doneT", $End);
oci_execute($runQuery);

while($row = oci_fetch_array($runQuery, OCI_ASSOC+OCI_RETURN_NULLS))
{
    $WNumber = $row['PNUMBER']."-".$row['DNUMBER'];

    $querySQLDB = "SELECT [Verified_By], [Comments], [Notes], [Date_Verified] 
           FROM dbo.Information 
           WHERE dbo.Information.W_Key_ID = '$WNumber' 
           ORDER BY dbo.Information.ID DESC";
    $dbe->query($querySQLDB);
    $sqlData = $dbe->fetch();

    $dateNoTime = str_replace("12:00:00:000AM"," ",$sqlData['Date_Verified']);

    fputcsv($output, array($row['AMENDMENT_DATE_CREATED'], $WNumber, $row['TITLE'], $row['NAME'], 
                           $row['ORG'], $PNumber, $sqlData['Verified_By'], $dateNoTime,
                           $sqlData['Comments'], $sqlData['Notes']));

}
fclose($output);
echo $output;
?>

You need single quotes to enclose the date format in TO_DATE(:startT, 'dd-mm-yy')


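Try escaping your input. Quotes are definitely a sign of an injection that SQL doesn't agree with.

@Fred ii Hi Fred, thanks for your reply, could you provide a quick example of how to escape my input!

You're welcome. TBH, I don't know how escaping is done in Oracle, or whether PHP methods can be used with it, such as real_escape_string() and/or stripslashes(). But do see the answer given below. It's most likely the solution, quoting the dates in (:startT,'dd-mm-yy') (:doneT,'dd-mm-yy').

@Fred ii So now that I have added 'dd-mm-yy', it has changed to a different error, the ORA-00933: SQL command not properly ended error. Thanks for your help so far!

You're welcome. I can't help you any further. I'm a MySQL guy, not Oracle. But Googling that error, I see a lot of hits.

Thanks for your reply. So I did that, and now I have a different warning, which is an ORA-00933: SQL command not properly ended error. Please help, and I'll give you the answer! Thanks a lot.

@vector and NUMBER can't be an actual column..?

The first query is where the error occurs. It actually shows up on oci_execute($runQuery), so the inference is that $query is causing the error! Thanks

Sorry, yes, that's not an actual column; I just changed some of the column names when posting on the forum.

Maybe you're missing something in your actual code. What I answered is correct.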
<b>Warning:</b><br/>oci_execute() [<a href='function.oci-execute'>function.oci-execute</a>]: ORA-00933: SQL command not properly ended<br />
$query = "SELECT * FROM dbo.dbview
         WHERE (STATUS = 'ACTIVE' OR STATUS = 'CLOSED')
          AND NUMBER <> ' '
          AND AMENDMENT_DATE_CREATED
        BETWEEN TO_DATE(:startT, 'dd-mm-yy')  AND TO_DATE(:doneT, 'dd-mm-yy')
        ORDER BY AMENDMENT_DATE_CREATED DESC";
  $querySQLDB = "SELECT Verified_By, Comments, Notes, Date_Verified 
           FROM dbo.Information 
           WHERE dbo.Information.W_Key_ID = '$WNumber' 
           ORDER BY dbo.Information.ID DESC";
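
As an added example (not code from the question or the answer), the PHP below validates the two POST fields against an allow-list, builds dates shaped like the quoted 'dd-mm-yy' mask and passes them as bind variables, which is what makes escaping unnecessary on the Oracle query. fiscal_range() and run_report() are hypothetical names, the 2001 to 2099 year bounds are an assumption, and the inputs at the bottom are constructed.

```php
<?php
// Added example, not the asker's code; fiscal_range() and run_report() are hypothetical names.
// Allow-list of the question's range labels: [start dd-mm, year offset, end dd-mm, year offset].
const RANGES = [
    'Annual' => ['01-10', -1, '30-09', 0],
    'Q1 FY'  => ['01-10', -1, '31-12', -1],
    'Q2 FY'  => ['01-01', 0, '31-03', 0],
    'Q3 FY'  => ['01-04', 0, '30-06', 0],
    'Q4 FY'  => ['01-07', 0, '30-09', 0],
];
// Validate both POST fields and return dates shaped exactly like the 'dd-mm-yy' mask.
function fiscal_range(string $range, string $year): array
{
    $y = (int) $year;
    if (!array_key_exists($range, RANGES) || preg_match('/^\d{4}$/D', $year) !== 1 || $y < 2001 || $y > 2099) {
        throw new InvalidArgumentException('unexpected range or year');
    }
    [$startDm, $startOff, $endDm, $endOff] = RANGES[$range];
    $yy = fn(int $off): string => sprintf('%02d', ($y + $off) % 100);
    return [$startDm . '-' . $yy($startOff), $endDm . '-' . $yy($endOff)];
}

// Values travel as bind variables; the format mask is a quoted SQL string literal.
function run_report($conn, string $start, string $end)
{
    $sql = "SELECT * FROM dbo.dbview
             WHERE (STATUS = 'ACTIVE' OR STATUS = 'CLOSED')
               AND PNUMBER <> ' '
               AND AMENDMENT_DATE_CREATED
                   BETWEEN TO_DATE(:startT, 'dd-mm-yy') AND TO_DATE(:doneT, 'dd-mm-yy')
             ORDER BY AMENDMENT_DATE_CREATED DESC";
    $stmt = oci_parse($conn, $sql);
    oci_bind_by_name($stmt, ':startT', $start);
    oci_bind_by_name($stmt, ':doneT', $end);
    if (!oci_execute($stmt)) {
        error_log(oci_error($stmt)['message']); // keep the Oracle error in the server log
        return false;
    }
    return $stmt;
}

// Constructed inputs standing in for $_POST['rangeD'] and $_POST['year'].
[$start, $end] = fiscal_range('Q1 FY', '2015');
echo "bind :startT=$start :doneT=$end\n";
try {
    fiscal_range('Q5 FY', '2015'); // label outside the allow-list
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

run_report() needs the oci8 extension and an open connection; everything else in the block runs without a database.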