Php 插入到。。。关于重复密钥更新的sprintf混淆
我有一个页面,有多个简单的输入供用户选择信息更新选项。用户可能尚未定义更新配置文件,因此我尝试使用“插入到…重复密钥更新”语句。我还尝试使用sprintf来避免可能的SQL注入问题。我的问题是我无法开始理解如何编写SQL语句。下面是相关的代码片段Php 插入到。。。关于重复密钥更新的sprintf混淆,php,mysql,Php,Mysql,我有一个页面,有多个简单的输入供用户选择信息更新选项。用户可能尚未定义更新配置文件,因此我尝试使用“插入到…重复密钥更新”语句。我还尝试使用sprintf来避免可能的SQL注入问题。我的问题是我无法开始理解如何编写SQL语句。下面是相关的代码片段 $updateSQL = sprintf("INSERT INTO reminders_cfg (id, day_of, day_of_advance, day_prior, default_time, wee
$updateSQL = sprintf("INSERT INTO reminders_cfg
(id, day_of, day_of_advance, day_prior, default_time, week_prior, 2_week_prior, 3_week_prior, 4_week_prior, 5_week_prior, day_after, 2_week_after, 50_day_after)
VALUES %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s
ON DUPLICATE KEY UPDATE ",
GetSQLValueString($jeweler, "text"),
GetSQLValueString($_POST['DayOf'], "text"),
GetSQLValueString($_POST['Advance'], "text"),
GetSQLValueString($_POST['DayPrior'], "text"),
GetSQLValueString($_POST['Time'], "text"),
GetSQLValueString($_POST['WeekPrior'], "text"),
GetSQLValueString($_POST['2WeeksPrior'], "text"),
GetSQLValueString($_POST['3WeeksPrior'], "text"),
GetSQLValueString($_POST['4WeeksPrior'], "text"),
GetSQLValueString($_POST['5WeeksPrior'], "text"),
GetSQLValueString($_POST['DayAfter'], "text"),
GetSQLValueString($_POST['2WeeksAfter'], "text"),
GetSQLValueString($_POST['50DaysAfter'], "text"));
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$stmt = $mysqli->prepare("INSERT INTO reminders_cfg
(id, day_of, day_of_advance, day_prior, default_time, week_prior, 2_week_prior, 3_week_prior, 4_week_prior, 5_week_prior, day_after, 2_week_after, 50_day_after)
VALUES :id, :day_of, :day_of_advance, :day_prior, :default_time, :week_prior, :2_week_prior, :3_week_prior, :4_week_prior, :5_week_prior, :day_after, :2_week_after, :50_day_after
ON DUPLICATE KEY UPDATE day_of = :day_of, day_of_advance = :day_of_advance, day_prior = :day_prior, default_time = :default_time, week_prior = :Week_prior, 2_week_prior = :2_week_prior, 3_week_prior = :3_week_prior, 4_week_prior = :4_week_prior, 5_week_prior = :5_week_prior, day_after = :day_after, 2_week_after = :2_week_after, 50_day_after = :50_day_after")
or die($mysqli->error);
$stmt->bindParam(':id', $jeweler, PDO::PARAM_INT);
$stmt->bindParam(':day_of', $_POST['DayOf'], PDO::PARAM_STR, 6);
$stmt->bindParam(':day_of_advance', $_POST['Advance'], PDO::PARAM_INT);
$stmt->bindParam(':day_prior', $_POST['DayPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':default_time', $_POST['Time'], PDO::PARAM_STR, 9);
$stmt->bindParam(':week_prior', $_POST['WeekPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':2_week_prior', $_POST['2WeeksPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':3_week_prior', $_POST['3WeeksPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':4_week_prior', $_POST['4WeeksPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':5_week_prior', $_POST['5WeeksPrior'], PDO::PARAM_STR, 6);
$stmt->bindParam(':day_after', $_POST['DayAfter'], PDO::PARAM_STR, 6);
$stmt->bindParam(':2_week_after', $_POST['2WeeksAfter'], PDO::PARAM_STR, 6);
$stmt->bindParam(':50_day_after', $_POST['50DaysAfter'], PDO::PARAM_STR, 6);
$stmt->execute() or die("Insert query error: " . mysql_error());
$stmt->close();
}
您的SQL语法有错误;检查与您的MySQL服务器版本对应的手册,查看第3行的“:id、:day_of、:day_of_advance、:day_of_previor、:default_time、:week_previor、:2_week_p”附近使用的正确语法,如果有一个可能发生碰撞的键,则只应在重复键更新时使用
。在这种情况下,我猜是ID
您最好定义一个触发器。大概是这样的:
CREATE TRIGGER `reminders_cfg_duplicates` BEFORE INSERT ON `reminders_cfg` FOR EACH ROW
DELETE FROM `reminders_cfg` WHERE `id`=new.`id`;
例如,从phpMyAdmin的控制面板运行一次。然后,数据库将自动删除任何导致重复的行,从而允许插入新行,而无需在更新中复制所有值。在重复键更新上之后,您只需放置要更新的值,并保留应保持不变的值。e、 g
纯mysql示例
insert into my_table(name, lastSeen, salary)
values("Some Name", now(), 25334)
on duplicate key update salary = 25334, lastSeen = now()
name
是主键
仅用于此示例
现在假设数据库中已经存在一条同名记录,则只需通过更改salary和lastSeen来更新条目。如果没有,将使用提供的值创建条目。在声明的第一部分
插入my_表(姓名、上次查看、薪资)
值(“某些名称”,now(),25334)
希望有帮助
再见
如果您在问题中添加了希望在重复密钥上更新的字段,那么我们就可以使用您的代码回答您的问题
编辑
可以
我知道这不是最好的格式化代码,但也许这有帮助?(可能其中有语法错误,但如果这是您想要的,您可能会明白)
我从DB表填充表单,这些是每个表单字段的默认值。我真的只想更改任何不同的字段,但是因为这些字段来自同一个DB表,所以我很乐意更新所有字段。是的。这正是我所害怕的,而且实际上我试图避免的。我想知道占位符中的数字引用是否可以多次访问相同的变量,但不是这样,就是我在代码中把它搞砸了。如果开发人员向trunk提交这样的代码,他们可能会在办公室里被啃坏。您应该看看PDO和命名参数。我完全同意上面的评论!您现在在更新中将PDO与mysqli混合使用为什么要插入id?该列应为自动增量。另外,您可以发布您的表模式吗?在重复密钥更新时,需要一个主键或唯一键才能正常工作。这几乎是毫无意义的,因为REPLACE-INTO在没有触发器的情况下执行完全相同的操作
$updateSQL = sprintf("INSERT INTO reminders_cfg
(id, day_of, day_of_advance, day_prior, default_time,
week_prior, 2_week_prior, 3_week_prior, 4_week_prior,
5_week_prior, day_after, 2_week_after, 50_day_after)
VALUES %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s
ON DUPLICATE KEY UPDATE id = %s, day_of = %s, day_of_advance = %s,
day_prior = %s, default_time = %s, week_prior = %s,
2_week_prior = %s, 3_week_prior = %s, 4_week_prior = %s,
5_week_prior = %s, day_after = %s, 2_week_after = %s,
50_day_after = %s ",
GetSQLValueString($jeweler, "text"),
GetSQLValueString($_POST['DayOf'], "text"),
GetSQLValueString($_POST['Advance'], "text"),
GetSQLValueString($_POST['DayPrior'], "text"),
GetSQLValueString($_POST['Time'], "text"),
GetSQLValueString($_POST['WeekPrior'], "text"),
GetSQLValueString($_POST['2WeeksPrior'], "text"),
GetSQLValueString($_POST['3WeeksPrior'], "text"),
GetSQLValueString($_POST['4WeeksPrior'], "text"),
GetSQLValueString($_POST['5WeeksPrior'], "text"),
GetSQLValueString($_POST['DayAfter'], "text"),
GetSQLValueString($_POST['2WeeksAfter'], "text"),
GetSQLValueString($_POST['50DaysAfter'], "text"),
GetSQLValueString($jeweler, "text"),
GetSQLValueString($_POST['DayOf'], "text"),
GetSQLValueString($_POST['Advance'], "text"),
GetSQLValueString($_POST['DayPrior'], "text"),
GetSQLValueString($_POST['Time'], "text"),
GetSQLValueString($_POST['WeekPrior'], "text"),
GetSQLValueString($_POST['2WeeksPrior'], "text"),
GetSQLValueString($_POST['3WeeksPrior'], "text"),
GetSQLValueString($_POST['4WeeksPrior'], "text"),
GetSQLValueString($_POST['5WeeksPrior'], "text"),
GetSQLValueString($_POST['DayAfter'], "text"),
GetSQLValueString($_POST['2WeeksAfter'], "text"),
GetSQLValueString($_POST['50DaysAfter'], "text"));