2012-06-27 240 views
0

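Saving an array into a database

I get an error when inserting an array into the database. Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'visiting students should consult the students should refer to the relevant section' at line 23.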

Here it is below:

array 
'Choose by Subject Category or Module Code' => string '' (length=0) 
' 
Back to Home page' => string '' (length=0) 
'International' => string 'visiting students should consult the' (length=36) 
'Undergraduate' => string 'students should refer to the relevant section of the UCC' (length=56) 
'Postgraduate' => string 'students should refer to the relevant section of the UCC' (length=56) 
'Credit Weighting' => string '5' (length=1) 
'Teaching Period(s)' => string 'Teaching Period 1.' (length=18) 
'No. of Students' => string 'Min 15, Max 30.' (length=15) 
'Pre-requisite(s)' => string 'None' (length=4) 
'Co-requisite(s)' => string 'None' (length=4) 
'Teaching Methods' => string '1 x 4hr(s) Lectures; Other (Distance Education Module - Up to 146hrs Self Directed Study).' (length=90) 
'Module Co-ordinator' => string 'Dr Peter Cleary, Department of Accounting, Finance and Information Systems.' (length=75) 
'Lecturer(s)' => string 'Staff, Department of Accounting, Finance and Information Systems.' (length=65) 
'Module Objective' => string 'To examine the management uses of accounting information and to enhance students ability to exert effective managerial control.' (length=127) 
'Module Content' => string 'Topics include; the accounting information needs of management, costs and pricing; estimating costs; the identification of key performance indicators; budgeting for control; capital investment appraisal and implications for strategic planning and control.' (length=256) 
'Learning Outcomes' => string 'On successful completion of this module, students should be able to:' (length=68) 
'Assessment' => string 'Total Marks 100: Continuous Assessment 100 marks (Project/ Essay. Approximately 1500 words.).' (length=93) 
'Compulsory Elements' => string 'Continuous Assessment.' (length=22) 
'Penalties (for late submission of Course/Project Work etc.)' => string 'Where work is submitted up to and including 7 days late, 10% of the total marks available shall be deducted from the mark achieved. Where work is submitted up to and including 14 days late, 20% of the total marks available shall be deducted from the mark achieved. Work submitted 15 days late or more shall be assigned a mark of zero.' (length=336) 
'Pass Standard and any Special Requirements for Passing Module' => string '40%.' (length=4) 
'End of Year Written Examination Profile' => string 'No End of Year Written Examination.' (length=35) 
'Requirements for Supplemental Examination' => string 'Marks in passed element(s) of Continuous Assessment are carried forward, Failed element(s) of Continuous Assessment must be repeated (Resubmission of revised Continuous Assessment).' (length=181) 

Below the array is the query.

//============== INSERT QUERY================// 
$result = array();  
foreach($result as $snode){ 
$query = sprintf("INSERT INTO save_array 
     (ModuleCode, 
     Homepage, 
     International, 
     ......) VALUES ('%s')",mysql_real_escape_string($snode)); 


foreach ($result as $key => $value) 
$query = $query . "$value"; 

echo '<br /><br />'; 
mysql_query($query) or die($query."<br/><br/>".mysql_error()); 
echo $snode. '<br />'; 
} 
echo '<br /><br /><br />'; 

Any help would be greatly appreciated; I'm scratching my head.

//================== New Updated Query Using Mysqli ============================= 

$result = array(); 
foreach($result as $snode){ 
$snode = mysql_real_escape_string($snode); 
$query = sprintf("INSERT INTO save_array 
     (ModuleCode,Homepage,International,.......)VALUES ('%s')",implode("','",$result)); 

echo $query. '<br />'; 

foreach ($result as $key => $value) 
    $query = $query . "$value"; 
$result = mysql_query($query) or die (mysql_error()); 
} 

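I echoed the query and it seems the right values are being inserted into the right columns, but it is not executed into the database.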

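Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'visiting students should consult the students should refer to the relevant section' at line 23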

+0

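Please don't use `mysql_*` functions in new code. They are no longer maintained and the community has begun the [deprecation process](http://goo.gl/KJveJ). See the [**red box**](http://goo.gl/GPmFd)? Instead you should learn about [prepared statements](http://goo.gl/vn8zQ) and use either [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli). If you can't decide, [this article](http://goo.gl/3gqF9) will help to choose. If you care to learn, [here is a good PDO tutorial](http://goo.gl/vFWnC). –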

+0

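OK, I'm just learning PHP, so I'm not very familiar with the old code versus the new code. If I decide to use MySQLi, does that mean I have to change all the PHP scripts I've written to work with MySQLi, or how does that work? I'll take a look at PDO and see what I can get out of it. – user1444442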

+0

Can you add the resulting query to your question? Don't use mysqli until the first problem is solved. –

Answers

1

You are trying to save to multiple columns:

ModuleCode, 
Homepage, 
International, 
Undergraduate, 
... 

with a single value ('%s')

Also note that mysql_real_escape_string takes a value, not an array (I assume $snode is an array). Also consider using PDO or mysqli.

You could do something like this (just an example, I don't know the structure of $snode) and check the output:

foreach($snode as &$val) { 
    $val = mysql_real_escape_string($val); 
} 
...VALUES ('%s'),implode("','",$snode) 

Update:

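I can't find a problem; the query should work. I even created the table structure on my system (assuming VARCHAR(256) for every column) and your query output worked (inserted) as expected.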

$result = array(); 
foreach($result as $snode) { 

    foreach($snode as &$val) { 
     $val = mysql_real_escape_string($val); 
    } 

    $query = sprintf("INSERT INTO save_array (
     ModuleCode,Homepage,International,Undergraduate,Postgraduate,CreditWeighting, 
     TeachingPeriod,NoofStudents,Prerequisite,Corequisite,TeachingMethods, 
     ModuleCoordinator,Lecturer,ModuleObjective,ModuleContent,LearningOutcomes, 
     Assessment,CompulsoryElements,Penalties,PassStandard, 
     EndofYearWrittenExamination,RequirementsforExamination) 
     VALUES ('%s')",implode("','",$snode)); 

    $result = mysql_query($query) or die (mysql_error()); 
} 

Run the snippet above as it is; don't change anything.

+0

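Hey, sorry. I updated my code using mysqli and it seems to put the right values into the right columns, but it doesn't save them to the database. Not sure what I'm doing wrong? – user1444442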

+0

I tried your approach and I'm getting the same result I was getting from @Jack's approach :( – user1444442

+0

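Are errors enabled using error_reporting(E_ALL);? Put it at the top of the script to bring 'em all (just to be safe). Also, I see you changed to mysqli_*. Is that your only change? What about the connector, mysqli_connect? Stick with mysql_* until the problem is solved, then upgrade (to minimize noise that distracts from the real problem) – 2012-06-27 11:39:37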

1

Echo your $query and you'll see. It's not a valid SQL statement.

Rules number 1, 2 and 3 for debugging dynamic queries: look at the query itself.

+1

No, those are rules number 2, 3 and 4. #1 is not to use `mysql_*`. –

+0

I echoed my query and it seems to be putting the right values in the right columns, but it still isn't saving to the database. – user1444442

0

Your main problem is the quotes:

('%s') 

And then your:

mysql_real_escape_string 

It causes your SQL to conflict. Use either the MySQL escaping or the '.

So what happens is that you're double-escaping your SQL input, which is causing what is actually an SQL injection...

And mysql_real_escape_string will not insert $snode as an array. You will need to foreach over the array, building an array to inject into the SQL query.

0

Assuming your array $node is in the same order as the columns you've shown, you can use vsprintf() instead to generate the resulting query:

// assuming $node is the array with the data 
// generate list of place holders 
$placeholders = join(',', array_fill(0, count($node), "'%s'")); 

// construct full query using array_map applied to the escaping function 
$query = vsprintf("INSERT INTO save_array (ModuleCode, 
     Homepage, 
     International, 
     Undergraduate, 
     Postgraduate, 
     CreditWeighting, 
     TeachingPeriod, 
     NoofStudents, 
     Prerequisite, 
     Corequisite, 
     TeachingMethods, 
     ModuleCoordinator, 
     Lecturer, 
     ModuleObjective, 
     ModuleContent, 
     LearningOutcomes, 
     Assessment, 
     CompulsoryElements, 
     Penalties, 
     PassStandard, 
     EndofYearWrittenExamination, 
     RequirementsforExamination) VALUES ($placeholders)", 
      array_map('mysql_real_escape_string', $node) 
); 

By the way, don't use the mysql_ functions!
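
The prepared-statement approach recommended in the comments, as an added example that is not part of the original thread: the column list comes from a fixed allowlist and every value is bound as a parameter, so the number of placeholders always matches the number of columns and no escaping or quoting is done by hand. Assumptions: an in-memory SQLite database stands in for the MySQL server so the script runs offline, only four of the page's columns are used, and the `saveModule` function, the `$columnFor` map and the sample row are constructed for illustration.

```php
<?php
// Added example: parameterized INSERT built from a scraped label => value array.
// Assumption: in-memory SQLite stands in for MySQL so this runs offline;
// with MySQL only the DSN passed to PDO changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE save_array (International TEXT, Undergraduate TEXT,
            CreditWeighting TEXT, ModuleObjective TEXT)');

// Allowlist mapping scraped labels to column names (a subset of the page's columns).
// Column names cannot be bound as parameters, so they only ever come from this map.
$columnFor = [
    'International'    => 'International',
    'Undergraduate'    => 'Undergraduate',
    'Credit Weighting' => 'CreditWeighting',
    'Module Objective' => 'ModuleObjective',
];

function saveModule(PDO $pdo, array $columnFor, array $snode): int
{
    $cols = [];
    $params = [];
    foreach ($columnFor as $label => $column) {
        $cols[] = $column;
        // A missing label becomes NULL, so values always line up with columns.
        $params[':' . $column] = $snode[$label] ?? null;
    }
    $sql = sprintf('INSERT INTO save_array (%s) VALUES (%s)',
        implode(', ', $cols), implode(', ', array_keys($params)));
    $stmt = $pdo->prepare($sql);   // the SQL text contains placeholders only
    $stmt->execute($params);       // values travel separately from the SQL
    return $stmt->rowCount();
}

// Constructed sample row: the apostrophes and the quote-comma sequence would
// break a query assembled by string concatenation.
$snode = [
    'International'    => 'visiting students should consult the',
    'Undergraduate'    => "students' handbook, section 'UCC'",
    'Credit Weighting' => '5',
    'Unknown Label'    => 'ignored: not in the allowlist',
];
echo saveModule($pdo, $columnFor, $snode), " row inserted\n";
print_r($pdo->query('SELECT * FROM save_array')->fetch(PDO::FETCH_ASSOC));
```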