數據根本沒有輸入數據庫嗎？

Question

我目前正在處理的項目有一個奇怪的問題。 所有代碼都可以正確運行，但是不會使用INSERT語句將值輸入數據庫。

代碼如下：

pipe.php（調用查詢的文件）：

#!/usr/bin/php
<?php

require_once 'includes/Init.php';

Init::initialise();

$email = file_get_contents('php://stdin');
$db = new Db($config['db']);

$mail = new Mail($email);

$emailbody = $mail->getPlainBody();
$emailsubject = $mail->getSubject();
$from = $mail->getHeader("From");
$to = $mail->getTo();

if ($id = Util::getId($emailsubject))
{

    $ticket = $db->query_assoc("SELECT * FROM tickets WHERE ticket_id=$id");

    if (in_array($from, $config['staff_emails']))
    {
        //staff reply

        $tickets = $ticket['content'].="<ticketsep>$emailbody";

        $db->query("UPDATE tickets SET content=$tickets WHERE ticket_id=$id");

        mail($ticket['email'], "[$id] A member of staff replied to your ticket: ".$ticket['subject'], $emailbody);
    }
    else
    {
        //client reply

        $tickets = $ticket['content'].="<ticketsep>$emailbody";

        $db->query("UPDATE tickets SET content=$tickets WHERE ticket_id=$id");

        foreach ($config['staff_emails'] as $email)
        {
            mail($email, "[$id] [CLIENT RESPONSE] $emailsubject", $emailbody);
        }
    }

}
else
{
    do
    {
        $id = rand(1000000, 9999999);

        if (!Util::in_array_r($id, $db->query_all('SELECT * FROM tickets')))
        {
            break;
        }
    }
    while (true);

    $db->query("INSERT INTO tickets VALUES \($id, $emailsubject, $emailbody, $from\)");


    foreach ($config['staff_emails'] as $email)
    {
        mail($email, "[$id] [NEW TICKET] $emailsubject", $emailbody);
    }
}
?>

該行不起作用，不插入任何數據： $db->query("INSERT INTO tickets VALUES \\($id, $emailsubject, $emailbody, $from\\)"); 。 我無法測試其他插入查詢，因為已經沒有數據;）

Db類看起來像這樣（請不要對代碼樣式發表評論，大多數都可以使用：P）：

<?php

class Db
{

    private $link;

    /**
     * Constructor.
     * @param array $dbconfig Array of database configuration:
     *
     * host - database host
     * user - database user
     * password - database user password
     * dbname - database name
     * port - database server port
     */
    public function __construct(array $dbconfig)
    {
        $this->link = mysqli_connect($dbconfig['host'], $dbconfig['user'], $dbconfig['password'], $dbconfig['dbname'], $dbconfig['port']);

        if (!$this->link)
        {
            throw new DatabaseException("Unable to connect to database, please check the settings in the config.php file!");
        }

    }

    /**
     * Query the database
     * @param string $query SQL query to run
     * @return mysqli_result
     */
    public function query($query)
    {
        $result = mysqli_query($this->link, $query);
        $this->checkError();
        return $result;
    }

    /**
     * Gets the first row of a query.
     * @param string $query SQL query
     * @return array Enumeriated array of first row contents.
     */
    public function query_first($query)
    {
        $result = mysqli_fetch_row($this->query($query));
        $this->checkError();
        return $result;
    }

    /**
     * Gets the first row of a query as an associative array
     * @param string $query SQL Query
     * @return array Associative array of row. Column name->column value.
     */
    public function query_assoc($query)
    {
        $result = mysqli_fetch_assoc($this->query($query));
        $this->checkError();
        return $result;
    }

    /**
     * Gets all results as array.
     * @param unknown $query
     * @param string $resulttype
     * @return array
     */
    public function query_all($query)
    {

        if (function_exists('mysqli_fetch_all')) # Compatibility layer with PHP < 5.3
                $res = mysqli_fetch_all($this->query($query));
            else
                for ($res = array(); $tmp = mysqli_fetch_array($this->query($query));) $res[] = $tmp;

            return $res;
    }

    public function checkError()
    {
        if ($this->error != '')
        {
            throw new DatabaseException("Database Error(s) Occured: $this->error");
        }
    }

    /**
     * Get this instance of this object.
     * @return Db
     */
    public static function _getInstance()
    {
        return $this;
    }

    public function __get($name)
    {
        switch ($name) {
            case "error":
                $this->error = mysqli_error($this->link);
                break;
        }
    }
}

當我收到電子郵件時，pipe.php中的所有其他代碼行都會運行，但是沒有數據添加到數據庫中。 有誰知道為什么，如果是這樣，我怎么做才能插入數據？

Answer 1

如果希望這些引號在數據中轉義，則應使用單引號和mysql_real_escape_string方法。 這是一個例子：

$emailbody = mysql_real_escape_string($mail->getPlainBody());
$emailsubject = mysql_real_escape_string($mail->getSubject());
$from = mysql_real_escape_string($mail->getHeader("From"));

$db->query("INSERT INTO tickets VALUES ($id, '$emailsubject', '$emailbody', '$from')");

從PHP文檔 ：

mysql_real_escape_string —轉義字符串中的特殊字符以用於SQL語句

Answer 2

您需要在變量名稱上添加簡單的引號： ticket_id = '$id' 。