我测试了两种类型 1)
DB::statement('call abc_cmw("$ipaddress","$cname","$recvd_date","$language","$address1","$address2","$address3","$pincode","$mobileno","$amobileno","$email_address","$idproofdetail","$Description","$remedies","$gretype","$fcount","$content1","$content2","$district_problem","$city_problem", "$block_problem","$village_problem","$username","$sugg_demand","$dept_name","$indiv_grp","$ac_problem")');
2)
DB::select('exec abc_cmw("$ipaddress","$cname","$recvd_date","$language","$address1","$address2","$address3","$pincode","$mobileno","$amobileno","$email_address","$idproofdetail","$Description","$remedies","$gretype","$fcount","$content1","$content2","$district_problem","$city_problem", "$block_problem","$village_problem","$username","$sugg_demand","$dept_name","$indiv_grp","$ac_problem")');
但两种方式都有相同的错误
Connection.php第647行中的QueryException:SQLSTATE [42601]:语法 错误:7错误:语法错误在或附近" call"第1行:打电话 abc_cmw(" $ ipaddress"," $ cname"," $ re ... ^(SQL: 呼叫 abc_cmw(" $ IPADDRESS"" $ CNAME"" $ recvd_date"" $语言"" $地址1&#34 ;," $ 1地址"" $地址3"" $ pin码"" $ mobileno"" $ amobileno&#34 ;," $ EMAIL_ADDRESS"" $ idproofdetail"" $说明"" $补救"" $ gretype&#34 ;," $ FCOUNT"" $内容1"" $内容2"" $ district_problem"" $ city_problem&#34 ;, " $ block_problem"" $ village_problem"" $用户名"" $ sugg_demand"" $ DEPT_NAME&#34 ;, " $ indiv_grp"" $ ac_problem&#34))
答案 0 :(得分:1)
在PostgreSQL函数中使用SELECT子句调用,例如:SELECT func()
由于SQL注入的可能性,您应该避免直接插入SQL参数。改为使用绑定:
DB::statement('SELECT abc_cmw(?, ?, ?)', [$param1, $param2, $param3]);
或
DB::statement('SELECT abc_cmw(:param1, :param2, :param3)', [
'param1' => $param1,
'param2' => $param2,
'param3' => $param3
]);