我的SQL查询给我错误的输出所有时间与以下查询。我可以在获取结果时设置查询吗?
$con = new connection();
$con = mysql_query("SELECT * FROM object");
while($res = mysql_fetch_array($con)) {
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'parent_id', '$res[parent_id]');") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'nice_url', '$res[nice_url]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'startpage', '$res[startpage]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'type', '$res[type]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'title', '$res[title]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'menu_title', '$res[menu_title]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'keywords', '$res[keywords]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'description', '$res[description]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'content', '$res[content]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'date', '$res[date]')") or die(mysql_error());
mysql_query("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES ('$res[id]', 'status', '$res[status]')") or die(mysql_error());
}
您正在用单引号包装列名,这是不正确的,您可以使用反引号或不使用反引号。但是,请确保在任何保留关键字的列名甚至表名上打反勾。
mysql_query("INSERT INTO object_meta
(`object_id`, `key`, `value`)
VALUES ('$res[id]', 'parent_id', '$res[parent_id]');")
or die(mysql_error());
您的代码对sql注入是不安全的。此外,您将受益于切换到PDO然后mysql功能。创建插入语句后,将值绑定到查询。此外,这还可以防止sql注入,而无需添加任何代码。
<?php
$pdo = getpdoconnection();
$data = $pdo->query('SELECT * FROM object');
$statement = $pdo->prepare("INSERT INTO object_meta ('object_id', 'key', 'value') VALUES (?, ?, ?)");
while($res = $data->fetch(PDO::FETCH_ASSOC)) {
$statement->execute(array($res['id'], 'parent_id', $res['parent_id']));
$statement->execute(array($res['id'], 'nice_url', $res['nice_url']));
//.....
}
PDO教程
http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers