Question

我有一个最奇怪的错误，modx站点中的简单导入/导出脚本导致一些非常奇怪的行为。这是脚本：

<?php
/**
 * Project: httpdocs
 * Created by: BigBlock Studios .
 * User: Sean Kimball
 * Date: 16/07/14
 * Time: 2:44 PM
 */

$remoteip = $_SERVER['REMOTE_ADDR'];

$allowedips = array('xxx.xxx.xxx.xxx','xxx.xxx.xxx.xxx');

if(!in_array($remoteip, $allowedips)){ echo 'denied'; return; }

error_reporting(E_ALL);
ini_set('display_errors', '1');

$mshost = 'xxx.xxx.xxx.xxx';
$msdb = 'msdb';
$msuser = 'msuser';
$mspass = 'mspass';

$myhost = 'xxx.xxx.xxx.xxx';
$mydb = 'mydb';
$myuser = 'myuser';
$mypass = 'mypass';
$mytable = 'modx_gssi_inventory_data';
$gatable = 'modx_gssi_inventory_gage';
$n = 100;

$query ="select TOP $n RECORDNUMBER,RESERVECUST,TAGNUMBER,ORIGINALPRICE,WIDTH,LENGTH,SCALEWGT,MINGAGE,IBLNUMBER,MILLTAGNO,VISUALDESC,FINISH,LOCATION,PONUMBER,VENDORNUMBER,STORAGETAGNO,PRODCLASS,RELEASENUMBER, PURCHASEDESC,NCTCT,STATUS,SALESDESC,CUSTOMERPONUMBER,PLANTLOCATION,LINEALFT,PIW from dbo.POInvWrk WHERE STATUS = 'A' AND RESERVECUST = ''";

$connection = mssql_pconnect($mshost, $msuser, $mspass);

if(!$connection){echo 'Could not connect to SQL server';}

if (!mssql_select_db($msdb, $connection)) {echo 'Unable to select MSSQL database!';}

$results = mssql_query($query, $connection);

// echo mssql_num_rows($results);

if (!mssql_num_rows($results)) {

    echo 'No MSSQL records found';

} else {

    $conn = mysql_connect($myhost, $myuser, $mypass);
    mysql_select_db($mydb, $conn);
    if (!$conn) { echo 'Failed to connect to MySQL'; }
    mysql_query("delete from $mytable")or die(mysql_error()."delete failed");

    while ($result = mssql_fetch_array($results, MSSQL_BOTH)) {

        $TAGNUMBER = trim(mysql_real_escape_string($result['TAGNUMBER']));
        $NCTCT = trim(mysql_real_escape_string($result['NCTCT']));
        $PRODCLASS = trim(mysql_real_escape_string($result['PRODCLASS']));
        $FINISH = trim(mysql_real_escape_string($result['FINISH']));
        $MINGAGE = trim(mysql_real_escape_string($result['MINGAGE']));
        $WIDTH = trim(mysql_real_escape_string($result['WIDTH']));
        $LENGTH = trim(mysql_real_escape_string($result['LENGTH']));
        $SCALEWGT = trim(mysql_real_escape_string($result['SCALEWGT']));
        $RESERVECUST = trim(mysql_real_escape_string($result['RESERVECUST']));
        $PONUMBER = trim(mysql_real_escape_string($result['PONUMBER']));
        $PLANTLOCATION = trim(mysql_real_escape_string($result['PLANTLOCATION']));
        $LOCATION = trim(mysql_real_escape_string($result['LOCATION']));
        $STORAGETAGNO = trim(mysql_real_escape_string($result['STORAGETAGNO']));
        $VENDORNUMBER = trim(mysql_real_escape_string($result['VENDORNUMBER']));
        $ORIGINALPRICE = trim(mysql_real_escape_string($result['ORIGINALPRICE']));
        $MILLTAGNO = trim(mysql_real_escape_string($result['MILLTAGNO']));
        $RELEASENUMBER = trim(mysql_real_escape_string($result['RELEASENUMBER']));
        $IBLNUMBER = trim(mysql_real_escape_string($result['IBLNUMBER']));
        $VISUALDESC = trim(mysql_real_escape_string($result['VISUALDESC']));
        $PURCHASEDESC = trim(mysql_real_escape_string($result['PURCHASEDESC']));
        $RECORDNUMBER = trim(mysql_real_escape_string($result['RECORDNUMBER']));
        $STATUS = trim(mysql_real_escape_string($result['STATUS']));
        $SALESDESC = trim(mysql_real_escape_string($result['SALESDESC']));
        $CUSTOMERPONUMBER = trim(mysql_real_escape_string($result['CUSTOMERPONUMBER']));
        $LINEALFT = trim(mysql_real_escape_string($result['LINEALFT']));
        $PIW = trim(mysql_real_escape_string($result['PIW']));

        $GA = mysql_query("select ga from $gatable where $MINGAGE >= min and $MINGAGE <= max;");
        echo "select ga from $gatable where $MINGAGE >= min and $MINGAGE <= max = $GA <br />";
        $timestamp = time();

        $insert = "insert into $mytable (`timestamp`,
                tag_no, classification, grade, finish,
                gage, ga, width, `length`,
                scale_wgt, cust, po_num, plant,
                location, storage_tag_no, vendor_number, original_price,
                mill_tag_no, release_number, ibl_number, visual_desc,
                purchase_desc, mssql_id, status, sales_desc,
                customer_po_num, nctct, linealft, piw)
            values (
                '$timestamp',
                '$TAGNUMBER',
                '$NCTCT',
                '$PRODCLASS',
                '$FINISH',
                '$MINGAGE',
                '$GA',
                '$WIDTH',
                '$LENGTH',
                '$SCALEWGT',
                '$RESERVECUST',
                '$PONUMBER',
                '$PLANTLOCATION',
                '$LOCATION',
                '$STORAGETAGNO',
                '$VENDORNUMBER',
                '$ORIGINALPRICE',
                '$MILLTAGNO',
                '$RELEASENUMBER',
                '$IBLNUMBER',
                '$VISUALDESC',
                '$PURCHASEDESC',
                '$RECORDNUMBER',
                '$STATUS',
                '$SALESDESC',
                '$CUSTOMERPONUMBER',
                '$NCTCT',
                '$LINEALFT',
                '$PIW'

        );";

        mysql_query($insert)or die(mysql_error()."insert failed".$insert);

    }

    //$mysqli->close();
}


?>

问题在于它没有填充＆＃34; GA＆＃34;其他一切都运行正常。

我回答了选择＆＃34; GA＆＃34;值输出如下记录：

select ga from modx_gssi_inventory_gage where 0.182 >= min and 0.182 <= max = Resource id #10

如果我对modx_gssi_inventory_gage表运行查询，我得到的结果不是一个整数＆＃34;资源ID＃10＆＃34;

注意到这个脚本甚至不知道modx＆amp;不应该返回任何资源ID。
它是独立运行的，没有什么叫它只是指向脚本的浏览器。
我可以从一个甚至没有安装modx的域运行这个＆amp;它仍会以这种奇怪的方式回归。

关于这个怎么回事？

Answer 1

$GA = mysql_query("select ga from $gatable where $MINGAGE >= min and $MINGAGE <= max;");

应返回resource，确实如此。您需要先处理该结果，然后才能有效地使用它。

$row = mysql_fetch_assoc($GA); $GA = $row['ga'];

请参阅PHP's页面。

导致此modx错误的原因是什么？

1 个答案: