查询cakephp无法正常工作

时间:2016-04-09 19:36:38

标签: cakephp

我在控制器中有这个查询。它是数据库中的简单插入数据。

$this->User->query('INSERT INTO users(CF,phone,username,email,city,firstname,lastname,active,group_id) VALUES ('$CF','$phone','$username','$email','$city','$name','$name','$active','$group_id')');

这是模特:

<?php
App::uses('AppModel', 'Model');
/**
 * User Model
 *
 * @property Group $Group
 * @property User $ParentUser
 * @property User $ChildUser
 * @property Facility $Facility
 * @property ServiceCategory $ServiceCategory
 */
class User extends AppModel {

/**
 * Display field
 *
 * @var string
 */
    public $displayField = 'name';


    //The Associations below have been created with all possible keys, those that are not needed can be removed

/**
 * belongsTo associations
 *
 * @var array
 */


 public $virtualFields = array(
    // 'name' => 'CONCAT(User.lastname, " ", User.firstname)'
    'name' => 'CONCAT(lastname, " ", firstname)'
);


    public $belongsTo = array(
        'Group' => array(
            'className' => 'Group',
            'foreignKey' => 'group_id',
            'conditions' => '',
            'fields' => '',
            'order' => ''
        ), 'Gender'
    );

    public $hasMany = array('Bid');

/**
 * hasAndBelongsToMany associations
 *
 * @var array
 */
    public $hasAndBelongsToMany = array(
        'Facility' => array(
            'className' => 'Facility',
            'joinTable' => 'facilities_users',
            'foreignKey' => 'user_id',
            'associationForeignKey' => 'facility_id',
            'unique' => 'keepExisting',
            'conditions' => '',
            'fields' => '',
            'order' => '',
            'limit' => '',
            'offset' => '',
            'finderQuery' => '',
        ),
        'ServiceCategory' => array(
            'className' => 'ServiceCategory',
            'joinTable' => 'service_categories_users',
            'foreignKey' => 'user_id',
            'associationForeignKey' => 'service_category_id',
            'unique' => 'keepExisting',
            'conditions' => '',
            'fields' => '',
            'order' => '',
            'limit' => '',
            'offset' => '',
            'finderQuery' => '',
        )
    );

}

但答案是一个空白页面。 cakephp版本是2.有人可以帮忙吗?如果你能向我解释我错在哪里,那么我就不会重复同样的错误了。

1 个答案:

答案 0 :(得分:1)

为什么在使用具有宏观ORM的框架时会执行类似的插入操作。您的解决方案会打开您的SQL注入应用程序。

以正确的方式行事。 

$data = array(
    'CF' => $CF,
    'phone' => $phone,
    'username' => $username,
    'email' => $email,
    'city' => $city,
    'name' => $name,
    'active' => $active,
    'group_id' => $group_id
);

$this->User->create();
$this->User->save($data);

http://book.cakephp.org/2.0/en/models/saving-your-data.html

相关问题
最新问题