如何在PHP中调试SQL查询的串联?
[英]How to debug the concatenation of a SQL query in PHP?
问题描述
There's something with my query, but I cannot manage to find what. 
我的查询有问题,但是我无法找到什么。
$keys = array_keys($fields);
$values = array_values($fields);
$sql = "UPDATE " .$table. " SET " .implode("`, `", $keys) ."='".implode("', '", $values) . "' WHERE id={$id}";
And it shows as : UPDATE users SET name , password'Rick is vets', 'sdfg' WHERE id=5 它显示为: UPDATE users SET name , password'Rick is vets', 'sdfg' WHERE id=5
But it has to show as : UPDATE users SET name = 'Rick is vets', password='sdfg' WHERE id=5 但是它必须显示为: UPDATE users SET name = 'Rick is vets', password='sdfg' WHERE id=5
2 个解决方案
解决方案1
2
$setString='';
foreach($fields as $k=>$v){
$setString .=$k." = '".$v."', ";
}
$setString=rtrim($setString,', ');
include $setString in query 在查询中包含$setString
解决方案2
2 2016-11-10 22:15:04
Try looping through the $fields array to create an update string like this: 尝试遍历$fields数组以创建一个更新字符串,如下所示:
$update_string='';
foreach ($fields as $key=>$value)
{
$update_string .= $key."='$value', ";
}
Then remove the last comma character from the string using rtrim() function: 然后使用rtrim()函数从字符串中删除最后一个逗号:
$update_string = rtrim($update_string, ", ");
Then your query becomes: 然后您的查询变为:
$sql = "UPDATE " .$table. " SET " .$update_string. " WHERE id={$id}";
This is just to illustrate the concept since your code might still be open to SQL injection attacks, in which case you should use prepared statement.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.