我正在尝试将数据保存到数据库,我得到了一个我从未见过的错误 我有预感它与db整理有关但我不确定是什么错误,
这是查询:
$query1 = "INSERT INTO scape.url (url,normalizedurl,service,idinservice) VALUES (url, normalizedurl, 4, 45454)";
$query = "INSERT INTO scape.url (url, normalizedurl, service, idinservice) VALUES ("
.$sql->real_escape_string($this->url).","
.$sql->real_escape_string($this->normalizedUrl).","
.$sql->real_escape_string($this->service).","
.$sql->real_escape_string($this->idInService).")";
$result = $sql->query($query);
echo $sql->error;
我得到的错误信息是:
您的SQL语法有错误;查看与您的MySQL服务器版本对应的手册,以便在第1行的'://www.something/here/here/here/12345,httpwwwsomthighere'附近使用正确的语法
此字段的数据库归类是utf8-general-ci,字段类型是varchar 255
有关于此的任何想法吗?
答案 0 :(得分:1)
如果你这样做,你仍然需要在字符串(url和normalizedurl)周围加上引号。这就是它所指的语法问题。
这很难过,这不是推荐使用mysqli传递参数的方法。 mysqli的重点是它具有查询参数化。例如:
$mysqli = new mysqli($host, $user, $password, $database);
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit;
}
$sql = <<<END
INSERT INTO scape.url (url,normalizedurl,service,idinservice)
VALUES (?, ?, ?, ?)
END;
$stmt = $mysqli->prepare($sql);
if ($stmt === false) {
printf("Error executing %s: %s\n", $sql, $stmt->error);
exit;
}
$stmt->bind_param('ssii', $this->url, $this->normalizedUrl,
$this->service, $this->idInService);
$stmt->execute();