建立查询时,SQL/Laravel不引用文本字段 [英] SQL/Laravel is not quoting text fields when building a query
问题描述
已更新
我是Laravel的新手,并尝试测试此演示 https://github.com/安装ddev,Docker和MAMP之后,在我的本地Mac上使用laravel-json-api/laravel .问题是代码(我没有写,我没有下载就下载了,没有做任何更改)正在执行SELECT,试图找到具有该电子邮件地址的用户,但是,显然,Laravel构建了添加加引号的SQL语句,删除了引号电子邮件"字段的内容.
I am new to Laravel and tried to test this demo https://github.com/laravel-json-api/laravel on my local Mac after installing ddev, Docker and MAMP. The problem is that the code (that I didn't write, I just downloaded without making any changes) is executing a SELECT trying to find a user with that email address but, apparently, Laravel builds the SQL sentence removing the quotes when adding the content for the field "email".
这是我在浏览器中收到的错误消息:
This is the error message that I get on the browser:
SQLSTATE [HY000] [2002]没有这样的文件或目录(SQL:从用户"中选择*,其中电子邮件" = frankie@example.com限制1)
我使用MySQL 5.7.32,数据库排序规则为utf8_general_ci.
I use MySQL 5.7.32 and the DB collation is utf8_general_ci.
捕获到异常时浏览器中显示的错误是:
The error show in the browser when the exception is caught is:
/var/www/html/vendor/laravel/framework/src/Illuminate/Database/Connection.php
* @param array $bindings
* @param \Closure $callback
* @return mixed
*
* @throws \Illuminate\Database\QueryException
*/
protected function runQueryCallback($query, $bindings, Closure $callback)
{
// To execute the statement, we'll simply call the callback, which will actually
// run the SQL against the PDO connection. Then we can calculate the time it
// took to execute and log the query SQL, bindings and time in our memory.
try {
$result = $callback($query, $bindings);
}
// If an exception occurs when attempting to run a query, we'll format the error
// message to include the bindings with SQL, which will make this exception a
// lot more helpful to the developer instead of just the database's errors.
catch (Exception $e) {
throw new QueryException(
$query, $this->prepareBindings($bindings), $e
);
}
return $result;
}
/**
* Log a query in the connection's query log.
*
* @param string $query
* @param array $bindings
* @param float|null $time
* @return void
*/
public function logQuery($query, $bindings, $time = null)
{
$this->event(new QueryExecuted($query, $bindings, $time, $this));
if ($this->loggingQueries) {
* 参数
"SQLSTATE[HY000] [2002] No such file or directory (SQL: select * from `users` where `email` = frankie@example.com limit 1)"*
这是演示项目的database.php配置:
This is the database.php config for the demo project:
database.php演示:
database.php demo:
'mysql' => [
'driver' => 'mysql',
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '8889'),
'database' => env('DB_DATABASE', 'forge'),
'username' => env('DB_USERNAME', 'forge'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => '/Applications/MAMP/tmp/mysql/mysql.sock',
'charset' => 'utf8mb4',
'collation' => 'utf8mb4_unicode_ci',
'prefix' => '',
'strict' => true,
],
MySQL监听端口8889
MySQL listens on port 8889
有人经历过类似的情况吗?
Anyone has experienced a similar situation?
谢谢
推荐答案
您的问题不是引号,SQL Server内部存在问题.
Your problem is not the quotes, there's something wrong with the SQL server internally.
关于引号:当使用标准的雄辩方法时,查询参数将使用准备好的语句发送到服务器.这非常节省,不需要四个加引号.服务器内部正确地处理了参数.
Regarding the quotes: When using the standard eloquent methods, query parameters will be sent to the server using prepared statements. This is very save and the no need four adding quotes. Internally the server handles the parameters correctly.
无论何时发生错误,服务器都会输出从准备好的语句接收的纯的,未加引号的数据.这确实有点误导,但这不是错误.
Whenever an error occurred, the server outputs the pure, unquoted data of received from the prepared statement. This indeed is a bit misleading, but it's not an error.
这篇关于建立查询时,SQL/Laravel不引用文本字段的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
