[英]PHP / MySQL SELECT query using email address mystery
I have a particularly puzzling problem. 我有一个特别令人费解的问题。
I am using PHP to loop through a recordset and then identify if an email address exists in another table. 我使用PHP循环记录集,然后确定另一个表中是否存在电子邮件地址。
The code all works fine until it gets to one particular email address and I can't for the life of me see what is wrong. 代码一切正常,直到它到达一个特定的电子邮件地址,我不能为我的生活看到什么是错的。
The email address is marcodambrosio@domain.com. 电子邮件地址是marcodambrosio@domain.com。 I get the following error: 我收到以下错误:
You have an error in your SQL syntax; 您的SQL语法有错误; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ambro'' at line 1 检查与您的MySQL服务器版本对应的手册,以便在第1行的“ambro”附近使用正确的语法
All other email address are fine. 所有其他电子邮件地址都很好。
I echo the query 我回应了这个问题
SELECT * FROM user_details WHERE email='marcodambrosio@domain.com'
and run it in Navicat and it works 并在Navicat中运行它,它的工作原理
PHP Code as follows: PHP代码如下:
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
/*Get source data*/
mysql_select_db($database, $link);
$query_clients = "SELECT email FROM clients ORDER BY client_id DESC";
$clients = mysql_query($query_clients, $link) or die(mysql_error());
$row_clients = mysql_fetch_assoc($clients);
$totalRows_clients = mysql_num_rows($clients);
do {
/*Check table to see if email already exists*/
$query_check = sprintf("SELECT * FROM user_details WHERE email=%s",GetSQLValueString($row_clients['email'],"text"));
echo "<br>".$query_check."<br>";
$check = mysql_query($query_check, $link) or die(mysql_error());
if (mysql_num_rows($check)==0) {
$query_insertUsers = sprintf("INSERT INTO users (username, password, userlevel) VALUES (%s, %s, 1)", $username, $password);
echo $query_insertUsers."<br>";
//$insertUsers = mysql_query($query_insertUsers, $link) or die(mysql_error());
}
} while ($row_clients = mysql_fetch_assoc($clients));
mysql_free_result($clients);
As I said - this code WORKS, it is only when trying to query with this one email address that it fails. 正如我所说的 - 这段代码工作,只有在尝试使用这一个电子邮件地址进行查询时才会失败。
This looks like the escaping is going wrong somehow: right syntax to use near 'ambro''
seems to indicate that the e-mail might be actually marcod'ambrosio@domain.com
. 这看起来像是以某种方式逃避错误: right syntax to use near 'ambro''
似乎表明该电子邮件实际上可能是marcod'ambrosio@domain.com
。 If you do 如果你这样做
echo "<br>".$query_check."<br>";
and run that in Navicat, does that have the same error? 并运行在Navicat,是否具有同样的错误?
Run the following query: 运行以下查询:
SELECT * FROM user_details WHERE email LIKE 'marco%'
I'm willing to bet that what you actually have in the database is marcod'ambrosio@domain.com
(note the ' included). 我愿意打赌你在数据库中实际拥有的是marcod'ambrosio@domain.com
(注意'包括在内)。 This probably happened during some kind of auto-generation of the email addresses. 这可能发生在某种自动生成电子邮件地址期间。
你确定电子邮件在引号内吗?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.