使用 PHP 表单将几何图形从 WKT 和 SRID 插入 SQL Server 2017
[英]Using PHP form to insert geometry from WKT and SRID into SQL Server 2017
问题描述
I have a PHP 7.3 form that asks the user for a Name, a WKT and an SRID.
我有一个 PHP 7.3 表单,它要求用户输入名称、WKT 和 SRID。 I would like to upload the WKT and SRID to SQL Server 2017 so that it creates a geometric object in Upload_WKT_Test using STGeomFromText:我想将 WKT 和 SRID 上传到 SQL Server 2017,以便它使用 STGeomFromText 在 Upload_WKT_Test 中创建一个几何对象:
<?php
if ($_SERVER['REQUEST_METHOD']=="POST") {
$wkt = $_POST['wkt'];
$srid = $_POST['srid'];
$name = $_POST['name'];
try {
$wktQuoted = $pdo->quote ($wkt);
//$wktQuoted = "'$wkt'";
$sql = "INSERT INTO Upload_WKT_Test (Name, GeomCol1) VALUES (:name, :wktGeom)";
$wktGeom1 = "geometry::STGeomFromText(";
$wktGeom = $wktGeom1."".$wktQuoted.", ".$srid.")";
//echo $wktGeom."<br><br>".$name."<br><br>";
$stmnt = $pdo->prepare($sql);
$theData = [':name'=>$name, ':wktGeom'=>$wktGeom];
$stmnt->execute($theData);
} catch(PDOException $e) {
echo "Error: ".$e->getMessage();
}
} else {
$wkt="";
$alignment="";
$srid="";
}
?>
My init.php:我的 init.php:
<?php
ob_start();
session_start();
try {
$pdo = new PDO( "sqlsrv:Server=localhost\SQLEXPRESS;Database=devdb", "", "");
$pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$pdo->setAttribute( PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC );
//$pdo->setAttribute( PDO::ATTR_EMULATE_PREPARES, true );
}
catch( PDOException $e ) {
//die( "Error connecting to SQL Server" );
//die(print_r($stmnt->errorInfo(), true));
echo "Error: ".$e->getMessage();
}
$root_directory = "testwkt";
$from_email = "admin@somewhere.com";
$reply_email = "admin@somewhere.com";
include "php_functions.php";
?>
I understand that the preferred method to accept user input via forms is to use a parameterized query to prevent SQL injection.我知道通过表单接受用户输入的首选方法是使用参数化查询来防止 SQL 注入。 I believe the source of the error message has to do with the quotes around the WKT are not making it into the INSERT INTO statement.我相信错误消息的来源与 WKT 周围的引号没有进入 INSERT INTO 语句有关。 Is it possible to surround text values from an input form with quotes (WKT) and use it to build a geometry object?是否可以用引号 (WKT) 将输入表单中的文本值括起来并使用它来构建几何对象?
Example WKT entered into form POINT(100 10)示例 WKT 输入表单POINT(100 10)
Example SRID 0示例 SRID 0
Example Name Test示例名称Test
Geometry from WKT (quotes are required): WKT 的几何图形(需要引号):
geometry::STPointFromText('POINT (100 10)', 0)
Resulting error message:结果错误信息:
SQLSTATE[42000]: [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]
A .NET Framework error occurred during execution of user-defined routine or
aggregate "geometry": System.FormatException: 24114: The label
geometry::STGeomFrom in the input well-known text (WKT) is not valid.
Valid labels are POINT, LINESTRING, POLYGON, MULTIPOINT, MULTILINESTRING,
MULTIPOLYGON, GEOMETRYCOLLECTION, CIRCULARSTRING, COMPOUNDCURVE,
CURVEPOLYGON and FULLGLOBE (geography Data Type only).
System.FormatException: at
Microsoft.SqlServer.Types.OpenGisTypes.ParseLabel(String input) at
Microsoft.SqlServer.Types.WellKnownTextReader.ParseTaggedText(OpenGisType type) at
Microsoft.SqlServer.Types.WellKnownTextReader.Read(OpenGisType type, Int32 srid) at
Microsoft.SqlServer.Types.SqlGeometry.GeometryFromText(OpenGisType type, SqlChars text, Int32 srid) at
Microsoft.SqlServer.Types.SqlGeometry.Parse(SqlString s) .
Upload_WKT_Test table: Upload_WKT_Test 表:
CREATE TABLE dbo.Upload_WKT_Test
( id int IDENTITY (1,1),
Name varchar(50),
GeomCol1 geometry );
GO
WKT - Well Known Text - a way to represent a geometric object (point, line, polygon for example) in text format. WKT - 众所周知的文本 - 一种以文本格式表示几何对象(例如点、线、多边形)的方法。 More info here .更多信息在这里。
SRID - Spatial Reference System Identifier - an integer that represents a coordinate system. SRID - 空间参考系统标识符 - 表示坐标系的整数。 More info here .更多信息在这里。
More info about working with Geometry Instances in SQL Server and Azure SQL Database can be found here .可以在此处找到有关在 SQL Server 和 Azure SQL 数据库中使用几何实例的更多信息。
More info about STGeomFromText关于STGeomFromText 的更多信息
1 个解决方案
解决方案1
1 已采纳 2019-12-10 12:12:41
You should include geometry::STGeomFromText in your T-SQL statement and bind the value for $wkt parameter without using PDO::quote :您应该在T-SQL语句中包含geometry::STGeomFromText $wkt并在不使用PDO::quote情况下绑定$wkt参数的值:
<?php
if ($_SERVER['REQUEST_METHOD']=="POST") {
$wkt = $_POST['wkt'];
$srid = $_POST['srid'];
$name = $_POST['name'];
try {
$sql = "
INSERT INTO Upload_WKT_Test (Name, GeomCol1)
VALUES (:name, geometry::STGeomFromText(:wkt, :srid))";
$stmnt = $pdo->prepare($sql);
$theData = [':name'=>$name, ':wkt'=>$wkt, ':srid'=>$srid];
$stmnt->execute($theData);
} catch(PDOException $e) {
echo "Error: ".$e->getMessage();
}
} else {
$wkt="";
$alignment="";
$srid="";
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.