Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You
have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '@g.com,
'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf,
'User'.'location' ' at line 1
SQL 查询:
UPDATE 'cake'.'users' AS 'User' SET 'User'.'username' = paul, 'User'.'password' = eben, 'User'.'email' = paul@g.com, 'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf, 'User'.'location' = lskjaflasi, 'User'.'pincode' = 867567 WHERE 'User'.'id' = 1
我的密码是
if($this->request->data)
{$User=$this->request->data[User];
$this->User->updateAll($User,array("User.id" => $v));}
如何更新整个表格?
updateAll()
不会自动将字符串值括在引号中,这与使用 save()
时不同。你必须自己做。来自 the docs:-
Literal values should be quoted manually using DboSource::value().
在调用 updateAll()
:-
之前,您需要使用类似数据源的 value()
方法将 $this->request->data
中的每个字符串值用引号括起来
$db = $this->getDataSource();
$value = $db->value($value, 'string');
建议不要只是将 $this->request->data
传递给 updateAll()
,因为有人可能会将数据注入您的数据库。而是根据您的请求数据构建一个新的保存数据数组,并根据需要包装字符串。例如:-
$user=$this->request->data[User]
$data = array(
'username' => $db->value($user['username'], 'string'),
'password' => $db->value($user['password'], 'string'),
'email' => $db->value($user['email'], 'string'),
'phone' => $db->value($user['phone'], 'string'),
'address' => $db->value($user['address'], 'string'),
'location' => $db->value($user['location'], 'string'),
'pincode' => $db->value($user['pincode'], 'integer')
);
$this->User->updateAll($data, array("User.id" => $v));
更新
作为使用 updateAll()
的替代方法,您最好使用 save()
来完成您在这里所做的事情。只要您的保存数据包含记录的主键(例如 User.id
),它将执行 UPDATE
而不是 INSERT
:-
$this->request->data['User']['id'] = $v;
$this->User->save($this->request->data);
save()
将为您处理所有字符串,因此您无需自己将它们用引号引起来。
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@g.com, 'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf, 'User'.'location' ' at line 1
SQL 查询:
UPDATE 'cake'.'users' AS 'User' SET 'User'.'username' = paul, 'User'.'password' = eben, 'User'.'email' = paul@g.com, 'User'.'phone' = 87665r5, 'User'.'address' = 23lsdhf, 'User'.'location' = lskjaflasi, 'User'.'pincode' = 867567 WHERE 'User'.'id' = 1
我的密码是
if($this->request->data)
{$User=$this->request->data[User];
$this->User->updateAll($User,array("User.id" => $v));}
如何更新整个表格?
updateAll()
不会自动将字符串值括在引号中,这与使用 save()
时不同。你必须自己做。来自 the docs:-
Literal values should be quoted manually using DboSource::value().
在调用 updateAll()
:-
value()
方法将 $this->request->data
中的每个字符串值用引号括起来
$db = $this->getDataSource();
$value = $db->value($value, 'string');
建议不要只是将 $this->request->data
传递给 updateAll()
,因为有人可能会将数据注入您的数据库。而是根据您的请求数据构建一个新的保存数据数组,并根据需要包装字符串。例如:-
$user=$this->request->data[User]
$data = array(
'username' => $db->value($user['username'], 'string'),
'password' => $db->value($user['password'], 'string'),
'email' => $db->value($user['email'], 'string'),
'phone' => $db->value($user['phone'], 'string'),
'address' => $db->value($user['address'], 'string'),
'location' => $db->value($user['location'], 'string'),
'pincode' => $db->value($user['pincode'], 'integer')
);
$this->User->updateAll($data, array("User.id" => $v));
更新
作为使用 updateAll()
的替代方法,您最好使用 save()
来完成您在这里所做的事情。只要您的保存数据包含记录的主键(例如 User.id
),它将执行 UPDATE
而不是 INSERT
:-
$this->request->data['User']['id'] = $v;
$this->User->save($this->request->data);
save()
将为您处理所有字符串,因此您无需自己将它们用引号引起来。