Php Can';似乎找不到SQL语句出错的地方
我可能只是太累了,错过了一些非常简单的东西,但我想不出来 正在尝试执行以下查询:Php Can';似乎找不到SQL语句出错的地方,php,mysql,Php,Mysql,我可能只是太累了,错过了一些非常简单的东西,但我想不出来 正在尝试执行以下查询: INSERT INTO chars (charName,charClass,charLevel,charLife,charES,charInt,charStr,charDex) VALUES (mlkauschwitz,ranger,81,4500,50,50,300,250) ON DUPLICATE KEY UPDATE charClass=ranger,charLevel=81,charLife=4500,c
INSERT INTO chars (charName,charClass,charLevel,charLife,charES,charInt,charStr,charDex)
VALUES (mlkauschwitz,ranger,81,4500,50,50,300,250)
ON DUPLICATE KEY UPDATE charClass=ranger,charLevel=81,charLife=4500,charES=50,charInt=50,charStr=300,charDex=250;
"SQLSTATE[42S22]: Column not found: 1054 Unknown column 'mlkauschwitz' in 'field list'"
include "db.php";
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$char = array(
'charClass'=>'ranger',
'charDex'=>'250',
'charES'=>'50',
'charInt'=>'50',
'charLevel'=>'81',
'charLife'=>'4500',
'charName'=>'mlkauschwitz',
'charStr'=>'300',
);
$sql = 'INSERT INTO chars (charName,charClass,charLevel,charLife,charES,charInt,charStr,charDex) VALUES ('.$char["charName"].','.$char["charClass"].','.$char["charLevel"].','.$char["charLife"].','.$char["charES"].','.$char["charInt"].','.$char["charStr"].','.$char["charDex"].') ON DUPLICATE KEY UPDATE charClass='.$char["charClass"].',charLevel='.$char["charLevel"].',charLife='.$char["charLife"].',charES='.$char["charES"].',charInt='.$char["charInt"].',charStr='.$char["charStr"].',charDex='.$char["charDex"].';';
$stmt = $conn->prepare($sql);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
if ($stmt) {
try {
$stmt->execute();
}
catch (PDOException $e) {
var_dump($e);
}
}
charName字段是唯一的/主要的。结果SQL中的值需要引用。 使用pdo,您应该执行以下操作:
$sql = 'INSERT INTO chars (charName,charClass,charLevel,charLife,charES,charInt,charStr,charDex) VALUES (?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE charClass='.$char["charClass"].',charLevel='.$char["charLevel"].',charLife='.$char["charLife"].',charES='.$char["charES"].',charInt='.$char["charInt"].',charStr='.$char["charStr"].',charDex='.$char["charDex"].';';
$stmt = $conn->prepare($sql);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
if ($stmt) {
try {
$stmt->execute(array($char["charName"],$char["charClass"],$char["charLevel"],$char["charLife"],$char["charES"],$char["charInt"],$char["charStr"],$char["charDex"]));
}
catch (PDOException $e) {
var_dump($e);
}
}
不确定确切的语法,但您可以在手册中查找。这可以确保PDO正确引用所有值,并避免mysql注入问题。结果SQL中的值需要被引用。 使用pdo,您应该执行以下操作:
$sql = 'INSERT INTO chars (charName,charClass,charLevel,charLife,charES,charInt,charStr,charDex) VALUES (?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE charClass='.$char["charClass"].',charLevel='.$char["charLevel"].',charLife='.$char["charLife"].',charES='.$char["charES"].',charInt='.$char["charInt"].',charStr='.$char["charStr"].',charDex='.$char["charDex"].';';
$stmt = $conn->prepare($sql);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
if ($stmt) {
try {
$stmt->execute(array($char["charName"],$char["charClass"],$char["charLevel"],$char["charLife"],$char["charES"],$char["charInt"],$char["charStr"],$char["charDex"]));
}
catch (PDOException $e) {
var_dump($e);
}
}
不确定确切的语法,但您可以在手册中查找。这可以确保PDO正确引用所有值,并避免mysql注入问题。如果mlkauschwitz不是列而是值,则必须引用它
请参阅mysqli_escape_string()如果mlkauschwitz不是列而是值,则必须引用它
请参阅mysqli_escape_string()将查询更改为插入到chars中(charName、charClass、charLevel、charLife、charES、charInt、charStr、charDex) 值('mlkauschwitz','ranger','81','4500','50','50','300','250')
在重复密钥更新时,charClass='ranger',charLevel='81',charLife='4500',charES='50',charInt='50',charStr='300',charDex='250'将查询更改为
插入chars(charName、charClass、charLevel、charLife、charES、charInt、charStr、charDex)
值('mlkauschwitz','ranger','81','4500','50','50','300','250')
在重复密钥更新时,charClass='ranger',charLevel='81',charLife='4500',charES='50',charInt='50',charStr='300',charDex='250'注意,这不会在字符串中添加引号。另外,PDO也不需要这样做,因为PDO负责引用和转义。另外,PDO也不需要这样做,因为PDO负责引用和转义。