douwo3665 2014-04-23 22:48
浏览 22
已采纳

从CSV导入的PHP不会用空格覆盖旧数据

if anyone can help that would be much appreciated, I've searched on here and google and can't find what's wrong, How do I say what the lines are terminated by? Heres the code..

 <?php if (isset($_POST['submitbulk'])) {
if (is_uploaded_file($_FILES['filename']['tmp_name'])) {
    echo "<h2>Orders Updated:</h2>";
    readfile($_FILES['filename']['tmp_name']);
}

//Import uploaded file to Database
$handle = fopen($_FILES['filename']['tmp_name'], "r");

while (($data = fgetcsv($handle, 1000, ",")) !== FALSE) {
    if ($data[2] != 0) {
    $shipdate = $data[2];
    }else{  
    $shipdate = date('Y-m-d');
    }
    if (isset($data[1])) {
        $vendor_invoice = $data[1];     
    }else{  
        $vendor_invoice = 0;     
    }
    if (isset($data[3])) {
        $shipping_cost = $data[3];     
    }else{  
        $shipping_cost = "";     
    }
    if (isset($data[4])) {
        $fedex_tracking = $data[4];    
        $fedex_notify_order[] = $data[0];
        $fedex_notify_tracking[] = $data[4];

    }else{  
        $fedex_trackoing = "";     
    }
    if (isset($data[5])) {
        $ups_tracking = $data[5]; 
        $ups_notify_order[] = $data[0];
        $ups_notify_tracking[] = $data[5];

    }else{  
        $ups_trackoing = "";     
    }
    if (isset($data[6])) {
        $ontrac_tracking = $data[6];  
        $ontrac_notify_order[] = $data[0];
        $ontrac_notify_tracking[] = $data[6];

    }else{  
        $ontrac_trackoing = "";     
    }   
    if (isset($fedex_tracking, $ups_tracking, $ontrac_tracking)) {
        $array3[] = $data[0];
    }else{
        echo "";
    }
$import = sprintf("UPDATE orders SET ".
                    "vendor_invoice_number='%s', ".
                    "ship_date='%s', ".
                    "ship_cost='%s', ".
                    "fedex_track_num='%s', ".
                    "ups_track_num='%s', ".
                    "ontrac_track_num='%s' ".
                  "WHERE orders_id=%s",

              mysql_real_escape_string($vendor_invoice), 
              mysql_real_escape_string($shipdate),
              mysql_real_escape_string($shipping_cost),
              mysql_real_escape_string($fedex_tracking),
              mysql_real_escape_string($ups_trackoing),
              mysql_real_escape_string($ontrac_tracking), 
              (int)$data[0]);
    mysql_query($import) or die(mysql_error());
}

fclose($handle);


    print "</br>Updated Successfully";

    //view upload form
}else { ?>

    Import Vendor Invoice Numbers<br />

    <form enctype='multipart/form-data' action='submit.php' method='post'>
    <input size='50' type='file' name='filename'><br />
    <input type='submit' name='submitbulk' value='Upload'></form>
 <?php   }
?>

The problem is that it is only importing the first line, I have tried ending the lines with /n /r/n, etc. but can't seem to find out whats going on. Any ideas on how to fix this?

Updated the code, it is now working just fine but it overwrites the data that's in the database when I don't want it. I thought that if I set it to "" it wouldn't change anything, but it is still changing it.. Any ideas on how to go about making it only update when there is something there?

Edit- Would something like 

$query = <<<eof
    LOAD DATA INFILE '$_FILES['filename']['tmp_name']'
     INTO TABLE orders
     FIELDS TERMINATED BY '|' OPTIONALLY ENCLOSED BY '"'
     LINES TERMINATED BY '
'
    (orders_id,vendor_invoice_number,ship_date,ship_cost,fedex_track_num,ups_track_num,ontrac_track_num)
eof;
$db->query($query);
?>

work in a situation like this?

  • 写回答

1条回答 默认 最新

  • doumu5023 2014-04-23 22:55
    关注

    The way you construct your query is wrong. Your current code is a little confusing, I guess this is what you are looking for: 

    $import = sprintf("UPDATE orders SET ".
                    "vendor_invoice_number='%s', ".
                    "ship_date='%s', ".
                    "shipping_costs='%s', ".
                    "fedex_trackoing='%s', ".
                    "ups_trackoing='%s', ".
                    "ontrac_trackoing='%s' ".
                  "WHERE orders_id=%s",
                  mysql_real_escape_string($data[1]), 
                  mysql_real_escape_string($shipdate),
                  mysql_real_escape_string($shipping_cost),
                  mysql_real_escape_string($fedex_trackoing),
                  mysql_real_escape_string($ups_trackoing),
                  mysql_real_escape_string($ontrac_trackoing), 
                  (int)$data[0]);

    The basic issue is that you try to use '$data[1]' inside a double quoted string initialization, which simply does not work.

    But note that this is questionable. You should not blindly trust in data posted to your server. Anything can be in it and using such data the way you currently do opens huge security issues. Read a bit about "sql injection", think about switching to the advanced mysqli extension (the mysql extension you currently use is deprecated) and learn about the advantages of "prepared statements".

    Update to account for the additional comment here / the updated question:

    To prevent such an update query getting executed based on the contents of the csv file the easiest way would be to enclose either the execution command inside a conditional construct: 

    if (    ! empty($data[1])
     && ! empty($shipdate)
     && ! empty($shipping_cost) )
     && ! empty($fedex_trackoing) )
     && ! empty($ups_trackoing) )
     && ! empty($ontrac_trackoing) ) {
  mysql_query($import) or die(mysql_error());
}

    Obviously the real condition you require depends on what exactly you want to judge as a situation where you decide not to update an existing entry in the database. When combining this with the original loop content posted inside the question it becomes clear that the code now is somewhat chaotic. It certainly would make sense to reimplement this is a more streamlined way...

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 乌班图ip地址配置及远程SSH
  • ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
  • ¥15 PSPICE制作一个加法器
  • ¥15 javaweb项目无法正常跳转
  • ¥15 VMBox虚拟机无法访问
  • ¥15 skd显示找不到头文件
  • ¥15 机器视觉中图片中长度与真实长度的关系
  • ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
  • ¥15 java 的protected权限 ,问题在注释里
  • ¥15 这个是哪里有问题啊?