为什么此查询在SQL Management Studio中起作用,但不能通过mssql在php中起作用?
[英]Why does this query work in SQL management studio but not php through mssql?
问题描述
I use mssql on php 5.5.25 running on mac. 
我在Mac上运行的PHP 5.5.25上使用mssql。
The query is 查询是
UPDATE Sessions SET
UserID = 0,
ClientIP = '127.0.0.1',
TimeStamp = 1436465436,
SessionData = 'a:1:{s:5:"forms";a:1:{s:26:"login_user_form-1436465436";O:4:"Form":15:{s:10:"*form_id";s:15:"login_user_form";s:9:"*gen_id";s:26:"login_user_form-1436465436";s:13:"*form_items";a:4:{s:8:"username";O:17:"FormItemTextField":22:{s:9:"*length";i:60;s:7:"*mask";s:0:"";s:13:"*input_type";s:6:"string";s:12:"*max_value";N;s:12:"*min_value";N;s:7:"*type";s:9:"textfield";s:7:"*name";s:8:"username";s:8:"*value";N;s:7:"*size";i:30;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:8:"Username";s:14:"*placeholder";s:0:"";s:14:"*description";N;s:9:"*weight";i:0;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:1;s:10:"*classes";a:0:{}s:9:"*dbname";s:8:"username";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:8:"password";O:16:"FormItemPassword":24:{s:13:"*min_length";i:0;s:13:"*validation";b:1;s:9:"*length";i:100;s:7:"*mask";s:0:"";s:13:"*input_type";s:6:"string";s:12:"*max_value";N;s:12:"*min_value";N;s:7:"*type";s:8:"password";s:7:"*name";s:8:"password";s:8:"*value";N;s:7:"*size";i:30;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:8:"Password";s:14:"*placeholder";s:0:"";s:14:"*description";s:56:"I forgot my password.";s:9:"*weight";i:1;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:1;s:10:"*classes";a:0:{}s:9:"*dbname";s:8:"password";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:7:"form_id";O:14:"FormItemHidden":18:{s:12:"*read_only";b:1;s:7:"*type";s:6:"hidden";s:7:"*name";s:7:"form_id";s:8:"*value";s:26:"login_user_form-1436465436";s:7:"*size";N;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:6:"";s:14:"*placeholder";s:0:"";s:14:"*description";N;s:9:"*weight";i:2;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:0;s:10:"*classes";a:0:{}s:9:"*dbname";s:7:"form_id";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:6:"submit";O:20:"FormItemButtonSubmit":18:{s:14:"*form_action";N;s:7:"*type";s:6:"submit";s:7:"*name";s:6:"submit";s:8:"*value";s:6:"Submit";s:7:"*size";N;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:6:"";s:14:"*placeholder";s:0:"";s:14:"*description";N;s:9:"*weight";i:3;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:0;s:10:"*classes";a:0:{}s:9:"*dbname";s:6:"submit";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}}s:9:"*action";s:14:"/demo001/login";s:9:"*method";s:4:"POST";s:8:"*title";s:0:"";s:9:"*submit";b:1;s:10:"*enctype";s:33:"application/x-www-form-urlencoded";s:13:"*title_type";s:2:"h1";s:12:"*db_values";b:0;s:10:"*gentime";i:1436465436;s:20:"*validation_errors";a:0:{}s:20:"*validate_callback";s:19:"login_user_validate";s:18:"*submit_callback";s:17:"login_user_submit";s:10:"*classes";s:0:"";}}}'
WHERE SessionID = 'krd682btg38st6r5i0om1gpbj4'
The only warning I get from mssql_get_last_message() is: 我从mssql_get_last_message()得到的唯一警告是:
Incorrect syntax near 'a:1:{s:5:"forms";a:1:{s:26:"login_user_form-1436465436";O:4:"Form":15:{s:10:"'.
However if I run the above query in SQL Server management studio It executes fine. 但是,如果我在SQL Server Management Studio中运行上述查询,它会很好地执行。
Obviously SessionData is just a serialized array. 显然, SessionData只是一个序列化数组。 Other serialized arrays save just fine elsewhere in the system using the same syntax. 其他序列化的数组使用相同的语法在系统中的其他位置保存得很好。 What am I missing? 我想念什么?
Since several comments requested it, here is how the query is generated: See PasteBin 由于请求了多个注释,因此生成查询的方式如下: 请参见PasteBin
1 个解决方案
解决方案1
0 已采纳 2015-07-09 20:52:01
So finally found the problem. 于是终于找到了问题所在。 Their were hidden characters in the serialized string. 它们是序列化字符串中的隐藏字符。 Specifically the null characters "\\0" was being interpreted by sql server as a terminator to the query string. 特别是,空字符“ \\ 0”被sql server解释为查询字符串的终止符。 I updated my sanitize function to include this line after the single quote encode: 我更新了sanitize函数,以在单引号编码之后包含以下行:
$string = str_replace("\0",'[NULL]',$string);
Fixed the problem right up. 立即修复问题。
Of course since this is occuring in a string I actually need to undo this after read 当然,因为这是在字符串中发生的,所以我实际上需要在读取后撤消该操作
str_replace('[NULL]', "\0", $string);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.