douxueke5653 2011-12-12 09:12
浏览 37
已采纳

您的SQL语法有错误;

My code is so far 

        $limitText ="";
        if($history_length){
            $limitText = ' limit '. $history_length;
        }

        if(!$history_days){
            $history_days = '180';
        }
$db = $this->getInvokeArg('bootstrap')->getPluginResource('db')->getDbAdapter();
        //changing code to add min(currBalance) -- as sum(points) is valid only for debit. Also sort by desc instead of  (major bug)
        $history_stmt = $db->query("SELECT sum(points) as points,credit_date,min(currBalance) as currBalance,extRefId,transactedAt,pointType FROM credits where userid = '".$userid."' and credit_date >= date('now','-".$history_days." days')  group by extRefID,pointType order by creditid desc ".$limitText);
        $history_results = $history_stmt->fetchall();

        $expiry_stmt = $db->query("SELECT availablePoints,expiry_date FROM credits where userid = '".$userid."'and availablePoints > 0 and expiry_date <= date('now','+".$expiry_duration." days') order by expiry_date asc ");
        $expiry_results = $expiry_stmt->fetchall();

I got an error 

<b>Message:</b> SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''-180 days')  group by extRefID,pointType order by creditid desc' at line 1  </p>

what i can do I am not able to fine the solution

  • 写回答

1条回答 默认 最新

  • douyi02577 2011-12-12 09:17
    关注

    Seems you are using the MySQL Date function in a wrong way - were you actually planning on using the php date function instead? Instead of e.g.

    "[...] credit_date >= date('now','-".$history_days." days')  group by [...]"

    you'd have to write:

     "[...] credit_date >= '".date('-'.$history_days.' days')."' group by [...]"

    Only variables (e.g. $history_days) will get expanded by php in a string enclosed with double quotes ("), but not function calls. If you enclose a function call inside the string, php can't recognize it, and it will be passed as is to mysql, instead of first being executed by php; but you want php to evaluate it, so you'll have to exclude it from the string constant and add it with the concatenation operators (.) to your string.

    Your php date function call however also seems to be incorrect; to get "the current date minus a certain amount of days", best use mysql date functions like this:

     "[...] credit_date >= DATE_SUB(NOW(), INTERVAL '$history_days' DAY) group by [...]"

    And just one general note on security: It's not clear from the piece of script you're providing, but if the values in $history_days, $history_length, $user_id or $expiry_duration (the variables used inside the SQL statement) have only the remotest chance of being set by the user, you should not insert them directly into an SQL statement, but do something to prevent SQL injection.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度