0

所以我得到了这个我一直在调试的超长查询。我最初收到一个错误,即列 s.name 和所有其他 JOIN 列不在“字段列表”中,因此经过一番谷歌搜索后,我能够通过将它们放在双引号中来修复该错误。所以现在查询返回了一个没有错误的资源,但是这个资源是空的。

现在我从声明后的回声中得到的是“资源 id #4 警告:implode():在第 143 0 行的 /var/www/beta/index.php 中传递的参数无效”

这是查询和周边功能:

<?php /* other functions preceding */ $result = mysql_query("SELECT * FROM users WHERE uid=" . $_SESSION['uid'] . "");
    $cur_user = mysql_fetch_array($result);
    $ufriends = explode(';', $cur_user['friends']);
    $ufsql = trim(implode(',',$ufriends),',');
    $uevents = explode(';', $cur_user['events']);
    $uesql = trim(implode(',',$uevents),',');
    $urequests = explode(';', $cur_user['requests']);
    $ursql = trim(implode(',',$urequests),',');
    if (!empty($ufriends)) {
        $time1 = microtime();
        $megaresult = mysql_query("
            ( SELECT \"s.name\" AS source_name, NULL AS target_name, recent_updates.*, 1 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                WHERE update_type='10'
                LIMIT 1
            )
            UNION
            ( SELECT \"s.name\" AS source_name, NULL AS target_name, recent_updates.*, 2 as ORD FROM recent_updates
                INNER JOIN users AS su ON (\"s.uid\"=recent_updates.source_id)
                WHERE update_type='10'
                LIMIT 1,9
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN users AS t ON (\"t.uid\"=recent_updates.target_id)
                WHERE update_type='2'
                AND
                    ( target_id IN (" . $ufsql . ") )
                AND
                    ( source_id IN (" . $ufsql . ") )
                OR
                (
                    ( target_id IN (" . $cur_user['uid'] . ") )
                AND
                    ( source_id IN (" . $ufsql . ") )
                )
                OR
                (
                    ( target_id IN (" . $ufsql . ") )
                AND
                    ( source_id IN (" . $cur_user['uid'] . ") )
                )
                LIMIT 0,10
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN users AS t ON (\"t.uid\"=recent_updates.target_id)
                WHERE update_type='4'
                AND
                (
                    ( target_id IN (" . $ufsql . ") )
                AND
                    ( source_id IN (" . $ufsql . ") )
                )
                OR
                (
                    ( target_id IN (" . $cur_user['uid'] . ") )
                AND
                    ( source_id IN (" . $ufsql . ") )
                )
                OR
                (
                    ( target_id IN (" . $ufsql . ") )
                AND
                    ( source_id IN (" . $cur_user['uid'] . ") )
                )
                LIMIT 0,10
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN events AS t ON (\"t.id\"=recent_updates.target_id)
                WHERE update_type='3'
                AND
                target_id IN (" . $uesql . ")
                LIMIT 0,10
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN events AS t ON (\"t.id\"=recent_updates.target_id)
                WHERE update_type='3'
                AND
                target_id IN (" . $ursql . ")
                LIMIT 0,10
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN events AS t ON (\"t.id\"=recent_updates.target_id)
                WHERE update_type='5'
                AND
                target_id IN (" . $ursql . ")
                LIMIT 0,10
            )
            UNION
            ( SELECT \"s.name\" AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN users AS s ON (\"s.uid\"=recent_updates.source_id)
                INNER JOIN events AS t ON (\"t.id\"=recent_updates.target_id)
                WHERE update_type='11'
                AND
                (
                    target_id IN (" . $uesql . ")
                OR
                    target_id IN (" . $ursql . ")
                )
                AND
                (
                    source_id IN (" . $ufsql . ")
                )
                LIMIT 0,10
            )
            UNION
            ( SELECT NULL AS source_name, \"t.name\" AS target_name, recent_updates.*, 2 AS ORD FROM recent_updates
                INNER JOIN events AS t ON (\"t.id\"=recent_updates.target_id)
                WHERE public != 0 LIMIT 0,10
            )
            ORDER BY ORD ASC, time_un DESC");
        echo $megaresult;
        $feed = mysql_fetch_array($megaresult);
        echo mysql_error();
        $time2 = microtime();
        echo implode('##', $feed);
        echo mysql_num_rows($megaresult);
        echo mysql_info($con);
/* brackets closed, etc */ ?>

我觉得这与将别名列放在双引号中有关。我有这个查询的以前版本,它不包括任何工作得很好的 JOIN 部分,我把它上传到了 pastebin: http: //pastebin.com/upifa7VJ

编辑:

嗯,这很尴尬......我怀疑是引号引起了问题是对的(感谢@andrewtweber!),但是没有引号我得到的错误是由于第二个 SELECT 语句中的拼写错误,INNER JOIN users AS su而不是 INNER JOIN 用户作为s。感谢大家的帮助!

4

2 回答 2

2

由于您的问题是一个错字,让我借此机会向您介绍PDO

您知道每个人都如何告诉您 SQL 注入以及它有多可怕吗?好吧,通过正确的实践,PDO 可以为您解决这个问题。

这是不好的:

$result = mysql_query("SELECT * FROM users WHERE uid=" . $uid . "");

这更糟!

$result = mysql_query("SELECT * FROM users WHERE uid=" . $_GET['uid'] . "");

现在让我们用 PDO 来做你代码的前几行

//Getting the handle that will allow us to do stuff with the Database
$dbh = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
$sql = "SELECT * FROM users WHERE uid= :uid"
//Now we prepare our query, send it to the database server and get it ready
$stmt = $dbh->prepare($sql);
//So now we add the parameters to the query
$stmt->bindParam(':uid', $_SESSION['uid'], PDO::PARAM_INT);
//Now we execute it
$stmt->execute();
//Fetching the result
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
//Let's see our result
print_r($result);

就是这样!您又写了几行,但不仅保护了您的数据库,而且您自己也有机会提高性能,并且很高兴您遵循了一些良好的实践原则。

您刚刚阅读的内容还不够,请确保您查看 PDO 的文档或至少查看此优秀教程

于 2012-06-30T20:21:27.603 回答
1

双引号表示您选择的是字符串"s.name" 而不是column s.name

您可能打算做的是使用反引号`。反引号允许您使用保留的 MySQL 关键字作为列名,例如

SELECT `table`.`name` FROM `table` ORDER BY `order` ASC
于 2012-06-30T20:23:00.943 回答