错误号码:1064
您的SQL语法有错误;检查手册 对应于您的MySQL服务器版本,以便使用正确的语法 近 'Aventro'”, '' bc55825ec921b78c574576fbc6679cc346ee0494 '', '' 8c0cf560bb77c28d6b7dd11' 在第1行
INSERT INTO用户(用户名,密码,盐,电子邮件,user_created) VALUES( '' Aventro '', '' bc55825ec921b78c574576fbc6679cc346ee0494 '', '' 8c0cf560bb77c28d6b7dd1135a1a94f2 '', '' john.anon3@gmail.com', NOW())
文件名:C:\ wamp \ www \ hol \ system \ database \ DB_driver.php
行号:330
createuser model:
public function createuser($username, $password, $salt, $email)
{
$password = sha1($password . $salt);
$sql = "INSERT INTO users(username, password, salt, email, user_created) VALUES('".$this->db->escape($username)."','".$this->db->escape($password)."','".$this->db->escape($salt)."','".$this->db->escape($email)."', NOW())";
if ($this->db->query($sql)) {
return true;
} else {
return false;
}
}
控制器(模型调用)
$result = $this
->user_model
->createuser(
$this->input->post('username'),
$this->input->post('password'),
$salt,
$this->input->post('email'));
答案 0 :(得分:2)
查询中看起来像双引号的内容实际上是两个撇号。
在他们之间插入空格以显示:''Aventro''
可能你的$ db->转义方法返回带引号的带引号的字符串。
检查你的转义函数,看它是否这样做,并将数据放入查询中。
答案 1 :(得分:2)
您的$this->db->escape()返回用单引号括起来的字符串。请改用此查询:
$sql = "INSERT INTO users(username, password, salt, email, user_created) VALUES(".$this->db->escape($username).",".$this->db->escape($password).",".$this->db->escape($salt).",".$this->db->escape($email).", NOW())";
或者从$this->db->escape()删除封闭 - 我认为这会更好。
答案 2 :(得分:0)
function fetch_all($table_name,$field_name,$order){
$query = $this->db->query("select * from {PRE}".$table_name." where 1 order by `".$field_name."` ".$order);
$result['result_num'] = $query->num_rows();
$result['result_log'] = $query->result();
return $result;
}
function fetch_editdata($value,$table_name,$idname){
$query = $this->db->query("select * from {PRE}".$table_name." where `".$idname."` = '".$value."'");
$result['result_log'] = $query->row();
return $result;
}
function edit_data($data,$table_name,$id){
$i = 1;
$query = "UPDATE {PRE}".$table_name." SET";
foreach($data as $key=>$value){
if($i < count($data)){
$query = $query . "`".$key."` = '".addslashes(trim($value))."',";
}else{
$query = $query . "`".$key."` = '".addslashes(trim($value))."'";
}
$i++;
}
foreach($id as $k=>$val){
$query = $query . "WHERE `".$k."` = '".$val."'";
$insert_id = $val;
}
$this->db->query($query);
return $insert_id;
}
function adddata($value,$table_name){
$query = "INSERT INTO {PRE}".$table_name." SET";
$i = 1;
foreach($value as $key => $val){
if($i < count($value)){
$query = $query . "`".$key."` = '".addslashes(trim($val))."',";
}else{
$query = $query . "`".$key."` = '".addslashes(trim($val))."'";
}
$i++;
}
$this->db->query($query);
$insert_id = $this->db->insert_id();
return $insert_id;
}