我在尝试更新/插入记录时不断收到此错误:
'字段列表'中的未知列'test'SQL = INSERT INTO oovea_vehiclemanager_feature_vehicles(fk_vehicleid,fk_featureid,fk_value)VALUES(13,56,test)
以下是我设置的表单:
<?php
if (isset($_POST['feature'])){
$feature = $_POST['feature'];
$featureInput = $_POST['featureInput'];
$database->setQuery("DELETE FROM #__vehiclemanager_feature_vehicles WHERE fk_vehicleid = " . $vehicle->id);
$database->query();
for ($i = 0; $i < count($feature); $i++) {
$database->setQuery("INSERT INTO #__vehiclemanager_feature_vehicles (fk_vehicleid, fk_featureid, fk_value) VALUES (" . $vehicle->id . ", " . $feature[$i] . ", " . $featureInput[$i] . ")");
$database->query();
}
}
?>
这是我的表单字段:
<?php
if($vehicle_feature[$i]->name): ?>
<div class="checkbox_vm">
<input type="checkbox" class="checkbox_veh" id="checkbox_addveh<?php echo $i; ?>" <?php if ($vehicle_feature[$i]->check) echo "checked"; ?> name="feature[]" value="<?php echo $vehicle_feature[$i]->id; ?>">
<label for="checkbox_addveh<?php echo $i; ?>"><?php echo $vehicle_feature[$i]->name; ?></label>
<input type="text" class="" id="input_addveh<?php echo $i; ?>" name="featureInput[]" value="<?php echo $vehicle_feature[$i]->value; ?>">
</div>
<?php endif; ?>
显然,从上面的错误中,我可以看到featureInput字段的值正在发布,而我的“INSERT INTO”的语法看起来是正确的。此外,如果我只删除“fk_value”,“$ featureInput [$ i]。
的列,它将起作用。答案 0 :(得分:1)
尝试使用单引号:
VALUES ('" . $vehicle->id . "', '" . $feature[$i] . "', '" . $featureInput[$i] . "')
答案 1 :(得分:1)
您尚未在查询中正确引用字符串数据。
试试这个:
<?php
if (isset($_POST['feature'])) {
$feature = $_POST['feature'];
$featureInput = $_POST['featureInput'];
$database->setQuery("DELETE FROM #__vehiclemanager_feature_vehicles WHERE fk_vehicleid = $vehicle->id");
$database->query();
for ($i = 0; $i < count($feature); $i++) {
$database->setQuery("INSERT INTO #__vehiclemanager_feature_vehicles (fk_vehicleid, fk_featureid, fk_value) VALUES ($vehicle->id,$feature[$i],'$featureInput[$i]')");
$database->query();
}
}
?>
您还需要需要处理一些严重的SQL注入问题,否则攻击者很容易破解您的数据库。