使用PHP将JSON对象中的元素插入数据库

时间:2018-08-12 23:03:59

标签: php mysql json

我只是一个学生,所以如果这篇帖子不清楚,请提前道歉。


我正在将产品数据从JSON响应导入到产品数据库中。我的目标是仅将JSON对象中的元素插入数据库中。

当前,我收到“未定义的索引:产品”错误,而更正后,出现“无效的foreach语句”错误。 真正在理解我的错误在哪里以及我在犯什么错误。

如果有人可以看一下这段代码,看看我做错了什么,我将不胜感激。



代码:

space

JSON:

<?php
$params = http_build_query(array(
  "api_key" => "***",
  "format" => "json"
));

$result = file_get_contents(
    'https://www.parsehub.com/api/v2/projects/***/last_ready_run/data?'.$params,
    false,
    stream_context_create(array(
        'http' => array(
            'method' => 'GET'
        )
    ))
);

$result=gzdecode($result);
$parsed_result = json_decode($result, true);
$product[] = $parsed_result['product'];
    foreach($product as $item){ 
        $updated = $item['updated'];
        $name = $item['name'];
        $url = $item['url'];
        $currentPrice = $item['currentPrice'];
        $originalPrice = $item['originalPrice'];
        $picture = $item['picture'];
        $brand = $item['brand'];
        $model = $item['model'];

        require 'db_configuration.php';
        $sql2 = "INSERT INTO storeA (name, url, currentPrice, originalPrice, picture, brand, model, updated) VALUES ('{$name}',{$url},{$currentPrice},{$originalPrice},{$picture},{$brand},{$model},{$updated})";
        $result = run_sql($sql2);

    }
?>

数据库配置

{
  "links": [
    {
      "link": "http://www.***.com",
      "product": [
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        },
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        }
      ]
    },
    {
      "link": "http://www.***.com",
      "product": [
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        },
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        }
      ]
    },
    {
      "link": "http://www.***.com",
      "product": [
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        },
        {
          "updated": "****",
          "name": "****",
          "url": "****",
          "currentPrice": "$****",
          "originalPrice": "$****",
          "picture": "http://****.jpg",
          "picture_url": "****",
          "brand": "***",
          "extra": "****"
        }
      ]
    }
  ]
}

1 个答案:

答案 0 :(得分:0)

从var_dumping json_decode($result, true)的结果开始-数组结构为:

array(1) {
  'links' =>
  array(1) {
    [0]
    array(2) {
      'link' =>
      string(18) "http://www.***.com"
      'product' =>
      array(2) {
        ...
      }
    }
  }
}

因此,$parsed_result是一个具有单个元素且以links为键的数组。此元素包含链接/产品对的数组。

因此,如果要在json响应中获取所有产品,则需要执行以下操作:

foreach ($link in $parsed_results['links']) {
    foreach ($product in $link['product']) {
        // construct your array
    }
}

这将起作用-但是您的数据库查询对SQL注入攻击开放。您绝不应该使用插值法将变量注入SQL查询中-您应该绝不这样做:

$sql2 = "INSERT INTO storeA (name, url, currentPrice, originalPrice, picture, brand, model, updated) VALUES ('{$name}',{$url},{$currentPrice},{$originalPrice},{$picture},{$brand},{$model},{$updated})";

相反,您应该使用带有参数的预准备查询:

$insertProductQuery = mysqli_prepare("INSERT INTO storeA (name, url, currentPrice, originalPrice, picture, brand, model, updated) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");

mysqli_stmt_bind_param($insertProductQuery, 'ssddssss', $name, $url, $currentPrice, $originalPrice, $picture, $brand, $model, $updated);

(我以参数类型对您的数据库架构进行了假设-尽管您也不应该使用实数/浮点数/双精度数来存储货币值)

更好的是,使用PDO,您可以使用命名参数。