[英]oci_bind_by_name and to_date PHP/OCI/Oracle
我有以下內容:
$ARTIFACT_NAME = $_POST['ArtifactName'];
$ARTIFACT_TYPE = $_POST['ArtifactType'];
$ARTIFACT_LOCATION = $_POST['ArtifactLocation'];
$ARTIFACT_DOMAIN = $_POST['ArtifactDomain'];
$ARTIFACT_AUTHOR = $_POST['ArtifactAuthor'];
$ARTIFACT_LABEL = 'DB_'.$ARTIFACT_LOCATION.'_'.$ARTIFACT_DOMAIN.'_'.$ARTIFACT_NAME;
$AUDIT_CONSTRAINTS = $_POST['AuditConstraints'];
$SECURITY_CONSTRAINTS = $_POST['SecurityConstraints'];
$REGISTERED_EMAIL = $_SERVER['HTTP_REMOTE_USER'];
$REGISTERED_TIMESTAMP = "to_date('15-08-2011 14:32:37', 'DD-MM-YYYY HH24:MI:SS')";
$query = "INSERT INTO ".$db_schema.".ARTIFACTS (ARTIFACT_ID, ARTIFACT_NAME, ARTIFACT_TYPE, ARTIFACT_LOCATION, ARTIFACT_DOMAIN, ARTIFACT_AUTHOR, ARTIFACT_LABEL, AUDIT_CONSTRAINTS, SECURITY_CONSTRAINTS, REGISTERED_EMAIL, REGISTERED_TIMESTAMP)
VALUES (:bind1, :bind2, :bind3, :bind4, :bind5, :bind6, :bind7, :bind8, :bind9, :bind10, :bind11)";
$statement = oci_parse($connection, $query);
oci_bind_by_name($statement, ":bind1", $ARTIFACT_ID);
oci_bind_by_name($statement, ":bind2", $ARTIFACT_NAME);
oci_bind_by_name($statement, ":bind3", $ARTIFACT_TYPE);
oci_bind_by_name($statement, ":bind4", $ARTIFACT_LOCATION);
oci_bind_by_name($statement, ":bind5", $ARTIFACT_DOMAIN);
oci_bind_by_name($statement, ":bind6", $ARTIFACT_AUTHOR);
oci_bind_by_name($statement, ":bind7", $ARTIFACT_LABEL);
oci_bind_by_name($statement, ":bind8", $AUDIT_CONSTRAINTS);
oci_bind_by_name($statement, ":bind9", $SECURITY_CONSTRAINTS);
oci_bind_by_name($statement, ":bind10", $REGISTERED_EMAIL);
oci_bind_by_name($statement, ":bind11", $REGISTERED_TIMESTAMP);
這給出了以下錯誤:
ORA-01858: a non-numeric character was found where a numeric was expected
但是,如果我只是不綁定$REGISTERED_TIMESTAMP
並將to_date
直接插入到$query
中 - 它可以完美運行。
這是怎么回事?! 這快把我逼瘋了!
您正在使用帶有綁定參數的 Oracle 語句。 這很好,因為它可以防止在 SQL 語句中插入危險代碼的 SQL 注入。 但是,在這種情況下,它會阻止執行TO_CHAR
function。 相反,它嘗試將整個字符串轉換為時間戳,這當然不起作用。
解決方案相當簡單:將TO_CHAR
function 從綁定參數直接移到語句中:
$REGISTERED_TIMESTAMP = "15-08-2011 14:32:37";
$query = "INSERT INTO ".$db_schema.".ARTIFACTS (ARTIFACT_ID, ARTIFACT_NAME, ARTIFACT_TYPE, ARTIFACT_LOCATION, ARTIFACT_DOMAIN, ARTIFACT_AUTHOR, ARTIFACT_LABEL, AUDIT_CONSTRAINTS, SECURITY_CONSTRAINTS, REGISTERED_EMAIL, REGISTERED_TIMESTAMP)
VALUES (:bind1, :bind2, :bind3, :bind4, :bind5, :bind6, :bind7, :bind8,
:bind9, :bind10, to_date(:bind11, 'DD-MM-YYYY HH24:MI:SS'))";
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.