数据根本没有输入数据库?

时间:2013-07-21 16:09:04

标签: php mysqli

我目前正在处理的项目存在一个奇怪的问题。所有代码都运行,没有错误,但是没有使用INSERT语句将值输入数据库。

代码如下:

pipe.php(调用查询的文件):

#!/usr/bin/php
<?php

require_once 'includes/Init.php';

Init::initialise();

$email = file_get_contents('php://stdin');
$db = new Db($config['db']);

$mail = new Mail($email);

$emailbody = $mail->getPlainBody();
$emailsubject = $mail->getSubject();
$from = $mail->getHeader("From");
$to = $mail->getTo();

if ($id = Util::getId($emailsubject))
{

    $ticket = $db->query_assoc("SELECT * FROM tickets WHERE ticket_id=$id");

    if (in_array($from, $config['staff_emails']))
    {
        //staff reply

        $tickets = $ticket['content'].="<ticketsep>$emailbody";

        $db->query("UPDATE tickets SET content=$tickets WHERE ticket_id=$id");

        mail($ticket['email'], "[$id] A member of staff replied to your ticket: ".$ticket['subject'], $emailbody);
    }
    else
    {
        //client reply

        $tickets = $ticket['content'].="<ticketsep>$emailbody";

        $db->query("UPDATE tickets SET content=$tickets WHERE ticket_id=$id");

        foreach ($config['staff_emails'] as $email)
        {
            mail($email, "[$id] [CLIENT RESPONSE] $emailsubject", $emailbody);
        }
    }

}
else
{
    do
    {
        $id = rand(1000000, 9999999);

        if (!Util::in_array_r($id, $db->query_all('SELECT * FROM tickets')))
        {
            break;
        }
    }
    while (true);

    $db->query("INSERT INTO tickets VALUES \($id, $emailsubject, $emailbody, $from\)");


    foreach ($config['staff_emails'] as $email)
    {
        mail($email, "[$id] [NEW TICKET] $emailsubject", $emailbody);
    }
}
?>

此行不起作用,未插入任何数据:$db->query("INSERT INTO tickets VALUES \($id, $emailsubject, $emailbody, $from\)");。我无法测试其他插入查询,因为已经没有数据;)

Db类看起来像这样(请不要对代码样式发表评论,其中大部分都有效:P):

<?php

class Db
{

    private $link;

    /**
     * Constructor.
     * @param array $dbconfig Array of database configuration:
     *
     * host - database host
     * user - database user
     * password - database user password
     * dbname - database name
     * port - database server port
     */
    public function __construct(array $dbconfig)
    {
        $this->link = mysqli_connect($dbconfig['host'], $dbconfig['user'], $dbconfig['password'], $dbconfig['dbname'], $dbconfig['port']);

        if (!$this->link)
        {
            throw new DatabaseException("Unable to connect to database, please check the settings in the config.php file!");
        }

    }

    /**
     * Query the database
     * @param string $query SQL query to run
     * @return mysqli_result
     */
    public function query($query)
    {
        $result = mysqli_query($this->link, $query);
        $this->checkError();
        return $result;
    }

    /**
     * Gets the first row of a query.
     * @param string $query SQL query
     * @return array Enumeriated array of first row contents.
     */
    public function query_first($query)
    {
        $result = mysqli_fetch_row($this->query($query));
        $this->checkError();
        return $result;
    }

    /**
     * Gets the first row of a query as an associative array
     * @param string $query SQL Query
     * @return array Associative array of row. Column name->column value.
     */
    public function query_assoc($query)
    {
        $result = mysqli_fetch_assoc($this->query($query));
        $this->checkError();
        return $result;
    }

    /**
     * Gets all results as array.
     * @param unknown $query
     * @param string $resulttype
     * @return array
     */
    public function query_all($query)
    {

        if (function_exists('mysqli_fetch_all')) # Compatibility layer with PHP < 5.3
                $res = mysqli_fetch_all($this->query($query));
            else
                for ($res = array(); $tmp = mysqli_fetch_array($this->query($query));) $res[] = $tmp;

            return $res;
    }

    public function checkError()
    {
        if ($this->error != '')
        {
            throw new DatabaseException("Database Error(s) Occured: $this->error");
        }
    }

    /**
     * Get this instance of this object.
     * @return Db
     */
    public static function _getInstance()
    {
        return $this;
    }

    public function __get($name)
    {
        switch ($name) {
            case "error":
                $this->error = mysqli_error($this->link);
                break;
        }
    }
}

当我收到电子邮件时,pipe.php中的所有其他代码行都会运行,但数据库中没有添加任何数据。有谁知道为什么,如果有的话,我怎样才能使数据插入?

2 个答案:

答案 0 :(得分:1)

如果您希望在数据中转义这些引号,则应使用单引号和mysql_real_escape_string方法。这是一个例子:

$emailbody = mysql_real_escape_string($mail->getPlainBody());
$emailsubject = mysql_real_escape_string($mail->getSubject());
$from = mysql_real_escape_string($mail->getHeader("From"));

$db->query("INSERT INTO tickets VALUES ($id, '$emailsubject', '$emailbody', '$from')");

来自PHP documentation

  

mysql_real_escape_string - 转义字符串中的特殊字符   在SQL语句中使用

答案 1 :(得分:0)

您需要在变量名称中添加简单引号:ticket_id = '$id'