dpblwmh5218 2014-09-30 10:47
浏览 248
已采纳

在CodeIgniter中使用this-> db-> escape_str()函数时出现语法错误

I want to send my input data to an SQL Query in my CodeIgniter application in the following way:

  $sdata['department'] = $this->input->post('department'); //Data as text input 
  $sql = "SELECT MAX(roll) FROM student WHERE department = ".this->db->escape_str($sdata['department']);

The above code is inside my controller.

And I keep getting the following error:

  Parse error: syntax error, unexpected '->' (T_OBJECT_OPERATOR)

Most likely, this is a syntax error, but I just can't figure out which part of my code is responsible.

I've also gone through the Queries section of the user guide of CodeIgniter, but it wasn't explained clearly there.

Can anyone please tell me where my mistake is, and what is the correct syntax for what I'm trying to do?

My controller -

   <?php
   if ( ! defined('BASEPATH')){ exit('No direct script access allowed');}
   class Student extends CI_Controller
   {
       function __construct()
       {
           parent::__construct();
           #$this->load->helper('url');
           $default_roll = '20141000';
           $this->load->model('student_model');
           $this->load->helper('string');
       }

       //Show all Students
       public function index()
       {
            $data['student_list'] = $this->student_model->get_all_students();
            $this->load->view('student_view', $data);
       }


      //Insert a student
      public function insert_student_db()
      {
           $sdata['name'] = $this->input->post('name');
           $sdata['department'] = $this->input->post('department');

           $sql = "SELECT MAX(roll) FROM student WHERE department = ".this->db->escape_str($sdata['department']);
           $query = $this->db->query($sql);

           $rolltext = substr($query, 9);
           $year = substr($query, 3, -3);

          if($rolltext == NULL && $year == NULL)
          {
               $rolltext = str_pad(1,3,'0',STR_PAD_LEFT);
               $year = '2014';
          }

         else
         {
             $rolltext++;
             $rolltext = str_pad($rolltext,3,'0',STR_PAD_LEFT);
             if($rolltext == '100')
             {
                  $rolltext = str_pad(1,3,'0',STR_PAD_LEFT);
                  $year++;
             }
         }  

         $sdata['roll'] = $sdata['department'].$year.$rolltext;

         $sdata['email'] = $this->input->post('email');
         $sdata['mobile'] = $this->input->post('mobile');
         $res = $this->student_model->insert_student($sdata);
        if($res)
        {
            header('location:'.base_url()."index.php/student/".$this->index());

        }

    }   
}
?>
  • 写回答

1条回答 默认 最新

  • dongyu1918 2014-10-02 03:50
    关注

    [Courtesy: user Ismael Miguel]

    Problem was with this line inside my controller, student.php:

      $sql = "SELECT MAX(roll) FROM student WHERE department = ".this->db->escape_str($sdata['department']);

    A very silly mistake, in a very basic thing. All variables in PHP must be preceded with a '$' sign. I just missed that.

    So, after correcting that bit, it looks like this:

    $sql = "SELECT MAX(roll) FROM student WHERE department = ".$this->db->escape_str($sdata['department']);

    And it's working fine now.

    PHP didn't recognise this, without the '$' sign. That's why it threw the parse error.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 oracle集群安装出bug
  • ¥15 关于#python#的问题:自动化测试
  • ¥20 问题请教!vue项目关于Nginx配置nonce安全策略的问题
  • ¥15 教务系统账号被盗号如何追溯设备
  • ¥20 delta降尺度方法,未来数据怎么降尺度
  • ¥15 c# 使用NPOI快速将datatable数据导入excel中指定sheet,要求快速高效
  • ¥15 再不同版本的系统上,TCP传输速度不一致
  • ¥15 高德地图2.0 版本点聚合中Marker的位置无法实时更新,如何解决呢?
  • ¥15 DIFY API Endpoint 问题。
  • ¥20 sub地址DHCP问题