我有以下查询:
INSERT INTO questions (question_parent_id, question_subject_id, question_topic_id,
question_directions, question_text, question_file, question_description,
question_difficulty_type, question_has_sub_ques, question_picked_individually,
question_manual, question_site_id, question_created_staff_id, question_added_date,
question_appeared_count, question_updated_staff_id, question_updated_date)
SELECT question_parent_id, question_subject_id, question_topic_id,
question_directions, question_text, question_file, question_description,
question_difficulty_type, question_has_sub_ques, question_picked_individually,
question_manual, question_site_id, question_created_staff_id, question_added_date,
question_appeared_count, question_updated_staff_id, question_updated_date
FROM questions
WHERE question_subject_id='8'
AND question_topic_id='545'
现在在上面的查询中我想插入
的字段值question_subject_id = $ form_data ['to_subject_id']; 和 question_topic_id = $ form_data ['from_topic_id'];
我尝试了以下查询,但它给了我一个错误。有人可以帮帮我吗?
INSERT INTO questions (question_parent_id, (question_subject_id, '8'),
(question_topic_id, '547'), question_directions, question_text, question_file,
question_description, question_difficulty_type, question_has_sub_ques,
question_picked_individually, question_manual, question_site_id,
question_created_staff_id, question_added_date, question_appeared_count,
question_updated_staff_id, question_updated_date)
SELECT question_parent_id, question_subject_id, question_topic_id,
question_directions, question_text, question_file, question_description,
question_difficulty_type, question_has_sub_ques, question_picked_individually,
question_manual, question_site_id, question_created_staff_id,
question_added_date, question_appeared_count, question_updated_staff_id,
question_updated_date
FROM questions
WHERE question_subject_id='8'
AND question_topic_id='545'
答案 0 :(得分:2)
这是错误的:
INSERT INTO questions (question_parent_id, (question_subject_id, '8'), (question_topic_id, '547'), question_directions, ... )
正确的语法是
INSERT INTO table1 (col1, col2)
SELECT col1, col2 ...
如果要在语句中添加变量,可能需要最后的那些
$stmt = '... FROM questions
WHERE question_subject_id = ' . $form_data['to_subject_id']
. ' AND question_topic_id = ' . $form_data['from_topic_id'];
不建议使用此方法,因为它可能容易受到SQL注入攻击。使用prepared statements.
答案 1 :(得分:-1)
您的SQL查询应按如下方式构建 -
$sql="INSERT INTO questions (question_parent_id, question_subject_id, question_topic_id,
question_directions, question_text, question_file, question_description,
question_difficulty_type, question_has_sub_ques, question_picked_individually,
question_manual, question_site_id, question_created_staff_id, question_added_date,
question_appeared_count, question_updated_staff_id, question_updated_date)
SELECT question_parent_id, question_subject_id, question_topic_id,
question_directions, question_text, question_file, question_description,
question_difficulty_type, question_has_sub_ques, question_picked_individually,
question_manual, question_site_id, question_created_staff_id, question_added_date,
question_appeared_count, question_updated_staff_id, question_updated_date
FROM questions
WHERE question_subject_id='".$form_data['to_subject_id']."'
AND question_topic_id='".$form_data['from_topic_id']."'";