doubaran2438 2014-09-12 20:18
浏览 85

PHP中的SQL语句与phpmyadmin中的SQL语句的行为不同

I have 

$form_store_sql = "                                                                                                                    
     INSERT INTO myodyssey_myaccount (`id`, `email`, `username`, `password`) VALUES (NULL, 'email', 'unixmiah.formtest', 'woohoo');         

     SET @last_id_in_myaccount = LAST_INSERT_ID();                                                                                      

     INSERT INTO myodyssey_personal_info (`id`, `myodyssey_myaccount_id`) VALUES (NULL, @last_id_in_myaccount);                             

    SET @last_id_in_personal_info = LAST_INSERT_ID();                                                                                  

    INSERT INTO myodyssey_travel_info (`id`, `myodyssey_personal_info_id`)                                                                 
        VALUES (NULL, @last_id_in_personal_info);                                                                                                      

     SET @last_id_in_travel_info = LAST_INSERT_ID();                                                                                    

     INSERT INTO myodyssey_tour_orders (`id`, `myodyssey_travel_info_id`) VALUES (NULL, @last_id_in_travel_info);";

     if(mysql_query($form_store_sql)){
       echo "done";
     }

It doesn't work; it doesn't store the data. But if I take the SQL statement out of the form_store_variable and paste it into phpmyadmin's sql dialog, it behaves differently, it stores the data. I wonder what I'm doing wrong storing the SQL statement in the form_store_variable.

  • 写回答

2条回答 默认 最新

  • druzuz321103 2014-09-12 20:20
    关注

    mysql_*() functions do NOT allow multiple statements like that in a single query call. It's a basic defense against some forms of SQL injection attacks.

    If you'd used any kind of error handling on your query call, you'd have been informed of the syntax error:

    $result = mysql_query($form_store_sql);
if ($result === false) {
   die(mysql_error());
}

    You will have to query() each of those individual statements separately.

    评论

报告相同问题?

悬赏问题

  • ¥15 HLs设计手写数字识别程序编译通不过
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?
  • ¥15 matlab(相关搜索:紧聚焦)
  • ¥15 基于51单片机的厨房煤气泄露检测报警系统设计
  • ¥15 路易威登官网 里边的参数逆向
  • ¥15 Arduino无法同时连接多个hx711模块,如何解决?
  • ¥50 需求一个up主付费课程