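While trying to execute a select query, I ran into a situation where an unwanted quote gets injected into it at execution time. I am working in CodeIgniter and trying to select records whose first 4 characters are the same. The code is: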
$calendar = $this->db->select("c.first_name as cfn, u.first_name as ufn", false)
->from("{$this->tables['contacts']} c")
->join("{$this->tables['users']} u", " SUBSTR( u.first_name , 1 , 4) = SUBSTR( c.first_name , 1 , 4) ", '')
->where(array('c.status' => 1, 'c.first_name !=' => ''))
->get()->result_array();
The error I get is:
FUNCTION dbname.SUBSTR does not exist. Check the 'Function Name Parsing
and Resolution' section in the Reference Manual
SELECT c.first_name as cfn, u.first_name as ufn FROM (`contacts` c)
JOIN `users` u ON `SUBSTR`( `u`.`first_name` , 1 , 4) = SUBSTR( c.first_name , 1 , 4)
WHERE `c`.`status` = 1 AND `c`.`first_name` != ''
The problem is the `SUBSTR` in the query (the single quotes around SUBSTR).
Answer 0: (score: 1)
I had the same problem once and I solved it by using
str_replace('"','',$string);
Answer 1: (score: 1)
In my case, I had to solve this problem in the following way:
$calendar = $this->db->query("SELECT c.first_name as cfn, u.first_name as ufn
FROM (`contacts` c) JOIN `users` u ON
((SUBSTR(`u`.`first_name`, 1, 4)) = (SUBSTR(`c`.`first_name`, 1, 4)))
WHERE `c`.`status` = 1 AND `c`.`first_name` != ''")->result_array();
print_r($calendar);
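
An added example, not part of the question or either answer: two ways to keep `SUBSTR` unquoted without giving up value escaping. It assumes CodeIgniter 3, where `join()` takes a fourth `$escape` argument; the model name `Name_match_model` and its method names are hypothetical.

```php
<?php
// Added example; assumes CodeIgniter 3. Class and method names are hypothetical.
class Name_match_model extends CI_Model
{
    // Table names as on the page; fixed in code, never taken from a request.
    protected $tables = array('contacts' => 'contacts', 'users' => 'users');

    // Query Builder variant: the 4th join() argument turns off identifier
    // quoting for this ON clause only, so SUBSTR stays a function call.
    public function matches_builder($len = 4)
    {
        // The ON clause is no longer escaped, so anything concatenated into it
        // must be forced to a safe type first.
        $len = (int) $len;
        $on  = "SUBSTR(u.first_name, 1, {$len}) = SUBSTR(c.first_name, 1, {$len})";

        return $this->db->select('c.first_name AS cfn, u.first_name AS ufn', FALSE)
            ->from("{$this->tables['contacts']} c")
            ->join("{$this->tables['users']} u", $on, '', FALSE)
            ->where(array('c.status' => 1, 'c.first_name !=' => ''))
            ->get()->result_array();
    }

    // Raw-SQL variant: identifiers are written out by hand, while every value
    // is passed as a ? binding and escaped by query().
    public function matches_raw($status = 1, $len = 4)
    {
        $sql = "SELECT c.first_name AS cfn, u.first_name AS ufn
                FROM {$this->tables['contacts']} c
                JOIN {$this->tables['users']} u
                  ON SUBSTR(u.first_name, 1, ?) = SUBSTR(c.first_name, 1, ?)
                WHERE c.status = ? AND c.first_name != ''";

        return $this->db->query($sql, array((int) $len, (int) $len, (int) $status))
            ->result_array();
    }
}
```

Either method returns the same `cfn`/`ufn` rows as the query in the question; neither relies on stripping quote characters from the SQL string.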