我正在尝试将文本插入数据库表reqviews。但是我收到错误消息:
Unknown column 'text' in 'field list'。我不确定我的代码有什么问题。请帮助
if (isset($_POST['combut'])) {
$rqvcom = $_POST['rqvcom'];
$rqid = (int)$_GET['rqid'];
$conn->query("
INSERT INTO reqviews (rqvrqid, rqvuserid, rqvcom, rqvdate)
SELECT {$rqid}, {$sid}, {$rqvcom}, NOW()
FROM requests
WHERE EXISTS (
SELECT rqid
FROM requests
WHERE rqid = {$rqid})
AND NOT EXISTS (
SELECT rqvid
FROM reqviews
WHERE rqvuserid = {$sid}
AND rqvrqid = {$rqid})
LIMIT 1
");
}
我的代码做什么:当在rqvcom文本区域中键入某些文本时,该文本将被分派到rqvcom表的reqviews列中。如果reqviews用户在rqvuserid表上已经存在一行,则无法插入具有相同用户ID的另一行。我的问题是我的代码给了我我提供的错误消息。
编辑:表reqviews
rqvid | rqvrqid | rqvuserid | rqvcom | rqvdate
表requests
rqid
答案 0 :(得分:3)
SELECT {$rqid}, {$sid}, {$rqvcom}, NOW()
这将选择这些变量中的列名称:
// let's say these are the values in your variables:
$rqid = "text";
$sid = "session123";
$rqvcom = "example";
// then this query:
SELECT {$rqid}, {$sid}, {$rqvcom}, NOW()
// is the same as:
SELECT text, session123, example, NOW()
这就是为什么您会收到该错误的原因。这极不可能是您想要的。我怀疑您实际上真正想要的是选择列rqid,sid和rqvcom:
SELECT rqid, sid, rqvcom, NOW()
编辑:现在,您已经添加了表结构,似乎更有可能想要实际选择字符串值,在这种情况下,您需要将变量包装在引号中,例如@Giacomo M建议:
SELECT '{$rqid}', '{$sid}', '{$rqvcom}', NOW()
// which will become:
SELECT 'text', 'session123', 'example', NOW()
那么您的数据库就不会将字符串与列名混淆。
答案 1 :(得分:2)
如果试图将$rqvcom的值插入数据库,则需要将其用引号引起来,因为它是一个字符串。否则,它将被视为列名。
$conn->query("
INSERT INTO reqviews (rqvrqid, rqvuserid, rqvcom, rqvdate)
SELECT {$rqid}, {$sid}, '{$rqvcom}', NOW()
FROM requests
WHERE EXISTS (
SELECT rqid
FROM requests
WHERE rqid = {$rqid})
AND NOT EXISTS (
SELECT rqvid
FROM reqviews
WHERE rqvuserid = {$sid}
AND rqvrqid = {$rqid})
LIMIT 1
");
但是,这使您可以进行SQL注入,因此您应该使用准备好的语句。
$stmt = $conn->prepare("
INSERT INTO reqviews (rqvrqid, rqvuserid, rqvcom, rqvdate)
SELECT ?, ?, ?, NOW()
FROM requests
WHERE EXISTS (
SELECT rqid
FROM requests
WHERE rqid = ?)
AND NOT EXISTS (
SELECT rqvid
FROM reqviews
WHERE rqvuserid = ?
AND rqvrqid = ?)
LIMIT 1
");
$stmt->bind_param("iisiii", $rqid, $sid, $rqvcom, $rqid, $sid, $rqid);
$stmt->execute();