执行INSERT查询时获取MySQL错误1064

时间:2009-10-04 21:00:15

标签: php mysql mysql-error-1064

我正在做的是抓取Feed并插入每个Feed项的数据。请参阅下面的我正在使用的代码。好。所以我运行带有查询的页面,它将feed加载到simplexml中,然后在feed中插入前两项,但是当它到达第三项时我得到一个错误。请参阅下面的错误。

我正在使用PHP5& MySQL 5.0.4

PHP代码: 

$xml = simplexml_load_file($feed['url']);

foreach($xml->channel->item as $item)
{                       
    $this->query = $this->db->query("
    INSERT INTO `feed_items`
    (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
    VALUES
    ('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '{$item->title}', '{$item->description}', NULL)
    ");
}

错误: 

A Database Error Occurred
Error Number: 1064

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'permitted_uri_chars']? That seems risky though. Is it a static page that you're ' at line 4

INSERT INTO `feed_items` (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`) VALUES ('2', 'http://twitter.com/kyct/statuses/4131154118', 'Sun, 20 Sep 2009 20:54:41 +0000', NULL, 'http://twitter.com/kyct/statuses/4131154118', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', NULL)

Feed网址:

http://twitter.com/statuses/user_timeline/6431322.rss

以下是此Feed的示例: 

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
  <channel>
    <title>Twitter / kyct</title>
    <link>http://twitter.com/kyct</link>
    <atom:link type="application/rss+xml" href="http://twitter.com/statuses/user_timeline/6431322.rss" rel="self"/>
    <description>Twitter updates from Kylee Tilley / kyct.</description>
    <language>en-us</language>
    <ttl>40</ttl>
  <item>
    <title>kyct: RT @ruinbox #reddit asploded. Here is the code: http://paste2.org/p/441124</title>
    <description>kyct: RT @ruinbox #reddit asploded. Here is the code: http://paste2.org/p/441124</description>
    <pubDate>Mon, 28 Sep 2009 03:01:34 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4433385042</guid>
    <link>http://twitter.com/kyct/statuses/4433385042</link>
  </item>
  <item>
    <title>kyct: #reddit.com is hitting hit by some worm/exploit in the comments. Viewing comments will cause you to spread this worm/exploit.</title>
    <description>kyct: #reddit.com is hitting hit by some worm/exploit in the comments. Viewing comments will cause you to spread this worm/exploit.</description>
    <pubDate>Mon, 28 Sep 2009 02:22:51 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4432550280</guid>
    <link>http://twitter.com/kyct/statuses/4432550280</link>
  </item>
  <item>
    <title>kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?</title>
    <description>kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?</description>
    <pubDate>Sun, 20 Sep 2009 20:54:41 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4131154118</guid>
    <link>http://twitter.com/kyct/statuses/4131154118</link>
  </item>
  </channel>

</rss>

2 个答案:

答案 0 :(得分:3)

您需要在(至少)'description'字段中转义引号,然后再将其输入db:

foreach($xml->channel->item as $item)
{                                       
    $this->query = $this->db->query("
    INSERT INTO `feed_items`
    (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
    VALUES
    ('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '{$item->title}', '" . mysql_real_escape_string($item->description). "', NULL)
    ");
}

虽然我不确定mysql_real_escape_string现在用的是什么。

答案 1 :(得分:1)

'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?'

您需要转义单引号,如下所示:

"INSERT INTO `feed_items`
(`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
VALUES
('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '" . mysql_real_escape_string($item->title) . "', '" . 
 mysql_real_escape_string($item->description) . "', NULL)
";
相关问题
最新问题