Php 带字符串的zend select语句
我花了两个小时只做了一个select语句 我做错了什么Php 带字符串的zend select语句,php,sql,string,zend-framework,select,Php,Sql,String,Zend Framework,Select,我花了两个小时只做了一个select语句 我做错了什么 public function fetchSpecific($moderatorid = 1) { $resultSet = $this->getDbTable()->fetchAll("moderatorid = ".$moderatorid); $entries = array(); foreach ($resultSet as $row) {
public function fetchSpecific($moderatorid = 1)
{
$resultSet = $this->getDbTable()->fetchAll("moderatorid = ".$moderatorid);
$entries = array();
foreach ($resultSet as $row) {
$entry = new Application_Model_Network();
$entry->setId($row->id)
->setName($row->name)
->setModeratorId($row->moderatorid);
$entries[] = $entry;
}
return $entries;
}
都是关于这一行的:
$resultSet = $this->getDbTable()->fetchAll("moderatorid = ".$moderatorid);
它给了我一个类似这样的错误:
Message: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1
从技术上讲,这种语法应该是可行的,不过我建议将其修改一点,以确保数据正确转义。当您收到该错误时,
$mediatorid
的值是多少?我怀疑该变量出于某种原因正在生成语法错误
请尝试以下方法:
$results = $this->getDbTable()
->fetchAll($this->getDbTable()
->getAdapter()
->quoteInto('moderatorid = ?', $moderatorid));
这将确保正确转义$mediatorid
,有助于防止语法错误,更重要的是,它可以防止可能的SQL注入
使用Zend\u Db\u Table::fetchAll()
的另一个问题是,当遇到这样的错误时,很难调试正在执行的查询
$select =
$this->getDbTable()
->select()
->from($this->getDbTable()) // optionally you can specify cols as the 2nd param
->where('moderatorid = ?', $moderatorid);
echo $select; // e.g. SELECT `table`.* FROM `table` WHERE (moderatorid = 1)
$results = $this->getDbTable()->fetchAll($select);
要解决这个问题,请自己构造SELECT
语句,以便在需要调试实际执行的SQL时可以回显该值
$select =
$this->getDbTable()
->select()
->from($this->getDbTable()) // optionally you can specify cols as the 2nd param
->where('moderatorid = ?', $moderatorid);
echo $select; // e.g. SELECT `table`.* FROM `table` WHERE (moderatorid = 1)
$results = $this->getDbTable()->fetchAll($select);
希望这能帮助你解决你的问题
一些有用的参考资料: