douhao123457 2015-11-20 13:47
浏览 37
已采纳

mysqli_multi_query没有做任何事情

I am doing an ajax call to a PHP which should do 2 SQL queries. The queries look like this:

$sql = "UPDATE customers SET customers_newsletter=1 WHERE customers_id ='".$cid."'";
   $sql .= "INSERT INTO coupons (coupon_id, 
                                 coupon_type, 
                                 coupon_code,
                                 coupon_amount, 
                                 coupon_minimum_order, 
                                 coupon_start_date, 
                                 coupon_expire_date, 
                                 uses_per_coupon, 
                                 uses_per_user, 
                                 coupon_active) 
                         VALUES ('".$cid."',
                                 'NL_".$cid_substr."".$cid."',
                                 'F',
                                 '5.0000',
                                 '100.0000',
                                 '".date("Y-m-d H:i:s")."',
                                 '".$expiredate."',
                                 '1',
                                 '1',
                                 'Y'
                                )";
mysqli_multi_query($con,$sql);

In another php file the exact same code already worked, i there copied an sql entry to another table and then deleted it from the current one.

If i do only one of the queries it works, but i need to get them to work together.

Any ideas why it is not working?

UPDATE:

I now followed the link for preventing sql injection in the comment and i got the following code now:

<?php
$mysqli = new mysqli("server", "user", "pw", "db");

// TODO - Check that connection was successful.

$unsafe_variable = $_GET['cid'];

$stmt = $mysqli->prepare("INSERT INTO coupons (coupon_id) VALUES (?)");

// TODO check that $stmt creation succeeded

// "s" means the database expects a string
$stmt->bind_param("s", $unsafe_variable);

$stmt->execute();

$stmt->close();

$mysqli->close();


mysqli_close($con);
?>

It is still not working. Where is the fault?

  • 写回答

1条回答 默认 最新

  • douyou1937 2015-11-20 13:50
    关注

    What you're currently running is the same as:

    $sql = "UPDATE customers SET customers_newsletter=1 WHERE customers_id ='".$cid."' INSERT INTO coupons (coupon_id, 
                                     coupon_type, 
                                     coupon_code,
                                     coupon_amount, 
                                     coupon_minimum_order, 
                                     coupon_start_date, 
                                     coupon_expire_date, 
                                     uses_per_coupon, 
                                     uses_per_user, 
                                     coupon_active) 
                             VALUES ('".$cid."',
                                     'NL_".$cid_substr."".$cid."',
                                     'F',
                                     '5.0000',
                                     '100.0000',
                                     '".date("Y-m-d H:i:s")."',
                                     '".$expiredate."',
                                     '1',
                                     '1',
                                     'Y'
                                    )";
    mysqli_multi_query($con,$sql);
    

    Which, if you notice right after the first query it starts right into the INSERT. If you ran this in anything that would give you the SQL error (or echo'd the sql error here) you'd likely see that there is a syntax error because the UPDATE query is never closed. Try adding a ; to the end of the update statement, like so:

    $sql = "UPDATE customers SET customers_newsletter=1 WHERE customers_id ='".$cid."';";
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 fx2n系列plc的自控成型机模拟
  • ¥15 时间序列LSTM模型归回预测代码问题
  • ¥50 使用CUDA如何高效的做并行化处理,是否可以多个分段同时进行匹配计算处理?目前数据传输速度有些慢,如何提高速度,使用gdrcopy是否可行?请给出具体意见。
  • ¥15 基于STM32,电机驱动模块为L298N,四路运放电磁传感器,三轮智能小车电磁组电磁循迹(两个电机,一个万向轮),如何通过环岛的原理及完整代码
  • ¥20 机器学习或深度学习问题?困扰了我一个世纪,晚来天欲雪,能饮一杯无?
  • ¥15 c语言数据结构高铁订票系统
  • ¥15 关于wkernell.PDB加载的问题,如何解决?(语言-c#|开发工具-vscode)
  • ¥100 某宝多次访问被拒绝,求解
  • ¥15 (标签-STM32|关键词-智能小车)
  • ¥20 关于#stm32#的问题,请各位专家解答!