错误:SQLSTATE [42000]:语法错误或访问冲突:1064您的SQL语法有错误;检查手册 [英] Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual

查看:16718
本文介绍了错误:SQLSTATE [42000]:语法错误或访问冲突:1064您的SQL语法有错误;检查手册的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述


错误:SQLSTATE [42000]:语法错误或访问冲突:1064您
在您的SQL语法中有错误;检查对应于
的手册,你的MySQL服务器版本正确的语法在'@ g.com,
''user'。'phone'= 87665r5,'User'。'address'= 23lsdhf ,
'User','location''在第1行

Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@g.com, 'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf, 'User'.'location' ' at line 1

SQL查询:

SQL Query: UPDATE 'cake'.'users' AS 'User' SET 'User'.'username' = paul, 'User'.'password' = eben, 'User'.'email' = paul@g.com, 'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf, 'User'.'location' = lskjaflasi, 'User'.'pincode' = 867567 WHERE 'User'.'id' = 1

我的代码是

       if($this->request->data)
        {$User=$this->request->data[User];
    $this->User->updateAll($User,array("User.id" => $v));}

如何更新整个表单?

推荐答案

updateAll()不会自动将字符串值换成引号,而不像使用 save()。你必须自己这样做。从文档: -

updateAll() does not automatically wrap string values in quotes unlike when using save(). You have to do this yourself. From the docs:-


字面值应使用DboSource :: value()手动引用。

Literal values should be quoted manually using DboSource::value().

您需要用 $ this-> request-> data 像调用 updateAll()之前的数据源的 value()方法: -

You need to wrap each string value in $this->request->data with quotes using something like the datasource's value() method before calling updateAll():-

$db = $this->getDataSource();
$value = $db->value($value, 'string');

建议不要传递 $ this-> request-> ; data updateAll()无论如何,有人可以将数据注入数据库。而是从请求数据构建一个新的保存数据数组,并适当地包装字符串。例如: -

It is advisable to not just pass $this->request->data to updateAll() anyway as someone could inject data into your database. Instead build a new array of save data from your request data and wrap strings as appropriate. For example:-

$user=$this->request->data[User]
$data = array(
    'username' => $db->value($user['username'], 'string'),
    'password' => $db->value($user['password'], 'string'),
    'email' => $db->value($user['email'], 'string'),
    'phone' => $db->value($user['phone'], 'string'),
    'address' => $db->value($user['address'], 'string'),
    'location' => $db->value($user['location'], 'string'),
    'pincode' => $db->value($user['pincode'], 'integer')
);
$this->User->updateAll($data, array("User.id" => $v));

更新

作为使用 updateAll()的替代方法,你最好使用 save()这里。只要保存数据包含记录的主键( User.id ),它将执行 UPDATE 而不是 INSERT : -

As an alternative to using updateAll() you would be better to use save() for what you are doing here. As long as your save data contains the record's primary key (e.g. User.id) it will perform an UPDATE rather than an INSERT:-

$this->request->data['User']['id'] = $v;
$this->User->save($this->request->data);

save因此,您不需要自己将它们包装在引号中。

save() will handle all the strings for you so there is no need for wrapping them in quotes yourself.

这篇关于错误:SQLSTATE [42000]:语法错误或访问冲突:1064您的SQL语法有错误;检查手册的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆