PHP Json 到 MySql (opencart)

标签 php mysql json opencart

<分区>

我有一个小脚本,可以从数据库中读取单元格,然后写入它。但它会导致错误 1064。 它看起来像这样:

public function update($cart_id, $quantity) {
    $this->db->query("UPDATE " . DB_PREFIX . "cart SET quantity = '" . (int)$quantity . "' WHERE cart_id = '" . (int)$cart_id . "' AND customer_id = '" . (int)$this->customer->getId() . "' AND session_id = '" . $this->db->escape($this->session->getId()) . "'");
    //starts here
    $cart_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "cart WHERE cart_id = '" . (int)$cart_id. "' AND session_id = '" . $this->db->escape($this->session->getId()) . "'");
    $option= ($cart_query->row['option']);//success
    $this->db->query("UPDATE " . DB_PREFIX . "cart SET option = '" . (string)$option . "' WHERE cart_id = '" . (int)$cart_id . "' AND customer_id = '" . (int)$this->customer->getId() . "' AND session_id = '" . $this->db->escape($this->session->getId()) . "'");//error
}

这就是我在日志中看到的

2016-09-18 20:43:06 - PHP Notice:  Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'option = '{"options":{"product_id":"176","colors":["000000"],"print":{"colors":{' at line 1<br />Error No: 1064<br />UPDATE oc_cart SET option = '{"options":{"product_id":"176","colors":["000000"],"print":{"colors":{"front":["FF0000"]},"elements":{"front":[{"width":"52.9375","height":"25.0938","type":"text"}]}},"attributes":{"sizememos":"0"},"attribute":[["0","0"]],"print_type":"screen","quantity":"0","design":{"vectors":{"front":[{"type":"text","width":"54.9375px","height":"27.0938px","top":"151px","left":"86px","zIndex":"1","svg":"<svg width="54.9375" height="27.09375" viewBox="0 0 54.9375 27.09375" xmlns="http:\/\/www.w3.org\/2000\/svg" xmlns:xlink="http:\/\/www.w3.org\/1999\/xlink"><g id="0.15760551612925844"><text fill="#FF0000" stroke="none" stroke-width="0" stroke-linecap="round" stroke-linejoin="round" x="" y="" text-anchor="start" font-size="24px" font-family="arial" data-textcurve="1" data-itemzoom="1 1" data-textspacing="0"><textPath xmlns:xlink="http:\/\/www.w3.org\/1999\/xlink" xlink:href="http:\/\/138.68.62.219\/Buy-Hanes-T-shirt-PC61LS#textPath-item-0"><tspan dy="0">Hello<\/tspan><\/textPath><\/text><\/g><defs><path id="textPath-item-0" d="M 0.125 22.117808976867764 A 3093.9720937064453 3093.9720937064453 0 0 1 54.124314613414626 22.117808976867764"><\/path><\/defs><\/svg>","rotate":"0","text":"Hello","color":"#FF0000","fontFamily":"arial","align":"center","outlineC":"none","outlineW":"0"}]},"images":{"front":"cart-designes\/2016\/09\/\/cart-front-1474230421.png","back":"cart-designes\/2016\/09\/\/cart-back-1474230421.png"}},"fonts":""}}' WHERE cart_id = '387' AND customer_id = '0' AND session_id = 'kkfj9svfssdnsph8pf8i5atjn3' in /var/www/html/system/library/db/mysqli.php on line 41

这是什么原因?我只是保存已经在这个单元格中的数据。 选项列是 UTF-8 , LongText

最佳答案

错误 1064 指向您的 MySQL 查询的语法错误,似乎有一些引号在您的 JSON 字符串中没有很好地转义,以证明尝试将选项的值修复为某个短值并再次调用您的函数。

最佳实践是使用参数化查询,这将使您免于所有逃逸任务,最重要的是提供一些保护免受 SQL 注入(inject)

这只是您的查询的示例:

$sql="UPDATE table SET opton=:option WHERE cart_id=:id AND customer_id=:customer_id and session_id=:session_id";
$parameters = array(
                'option'=>$option,
                'cart_id'=>$cart_id,
                'customer_id'=>$customer_id,
                'session_id'=>$session_id
            );

$sql = $this->db->prepare($sql);
$sql->execute($parameters);

您可以在官方 php 文档中找到更多详细信息

http://php.net/manual/en/mysqli.quickstart.prepared-statements.php http://php.net/manual/en/pdo.prepared-statements.php

快乐的编码 friend :)

关于PHP Json 到 MySql (opencart),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39562617/

上一篇:mysql - 从另一个表插入并插入新值

下一篇:java - Android HttpURLConnection POST 不工作。

相关文章:

php - 压缩显示的空间数字(类似于堆栈,但也适用于 <1)

php - 需要提交表单两次才能使用 jQuery AJAX 正确发布

mysql - 尝试将货币符号添加到 MySQL

mysql - 如何根据某些条件将结果分组为串联结果

json - 将 JsValue 转换为字符串

用于构造问题的 Json 动态字段

c - 如何使用json-c提取json对象键、值对的值

php - wordpress文本域问题

php - 如何将 PHP 输出捕获到变量中?

php从数据库表填充选项框

©2024 IT工具网  联系我们