0

好吧,我遇到了一个非常奇怪的问题。我试图从 WoW 军械库中导入数据,并在此过程中将此信息添加到我自己的数据库中名为 user 的表下。

现在我在添加新成员的同时检查当前成员的所有信息是否仍然正确使用(请记住,修复所有 sql 注入问题是我在此之后要做的事情):

@$json = file_get_contents("http://$region.battle.net/api/wow/guild/$realm/$guild?fields=members,achievements");
if($json == false)
{
throw new Exception("Failed To load infomation. check setup options");
} 
$decode = json_decode($json, true);

foreach($decode['members'] as $p) {
    $mrank = $p['rank'];
    $mname = $p['character']['name'];
    $mclass = $p['character']['class'];
    $mrace = $p['character']['race'];
    $mlevel = $p['character']['level'];
    $mgender = $p['character']['gender'];

    $check = mysql_query("SELECT * FROM user WHERE charactername='$mname'");
    if($check == false)
    { 
        die("Sql query failed"); 
    }
    if(mysql_num_rows($check) != 0)
    {
        if($mlevel !== $check['level'])
        {
            mysql_query("UPDATE user SET level='$mlevel' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "level $mname<br />"; 
        }
        if($mclass !== $check['class'])
        {
            mysql_query("UPDATE user SET class='$mclass' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "class $mname<br />"; 
        }
        if($mrace !== $check['race'])
        {
            mysql_query("UPDATE user SET race='$mrace' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "race $mname<br />"; 
        }
        if($mgender !== $check['gender'])
        {
            mysql_query("UPDATE user SET gender='$mgender' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "gender $mname<br />"; 
        }
        if($mrank !== $check['rank'])
        {
            mysql_query("UPDATE user SET rank='$mrank' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "rank $mname<br />"; 
        }
    $pCount = $pCount + 1;

    }   
    else
    {
    //add new user otherwise
        $sql="INSERT INTO user (charactername, class, race, level, gender, rank) VALUES ('$mname','$mclass','$mrace','$mlevel','$mgender','$mrank')";
        $nCount = $nCount + 1;
        if (!mysql_query($sql,$con))
            {
            die('Error: ' . mysql_error());
            }
    }
}
    echo "$nCount new members added.<br />";
    echo "$pCount member(s) already existed.<br />";
    echo "$uCount member(s) got updated <br />";

但现在是问题,使用此代码更新部分,所以所有:

if($mlevel !== $check['level'])
        {
            mysql_query("UPDATE user SET level='$mlevel' WHERE charactername='$mname'");
            $uCount = $uCount + 1; 
            echo "level $mname<br />"; 
        }

无论如何都要运行,我不明白为什么。我比较了数据,并且在回显时两者都相等。因此,据我所知,使用 !== 应该只有在它们不相同时才会触发。在目前的情况下,我的更新脚本运行了 800 次。并且这也从字面上更新了用户表中的所有数据 800 次。据我所知,这不是必需的。

任何帮助将不胜感激。

4

2 回答 2

2

您应该尝试 != if($mlevel != $check['level'])as !== 检查它们是否是相同的确切值和数据类型,并且由于您检索的两个不同,php 可能已经为每个分配了不同的数据类型

或者您可以同时转换 $a =(int)$mlevel 和 $b = (int)$check['level'] 然后执行 !==

于 2012-08-02T04:03:26.610 回答
0

虽然这可能不是最好的方法,但在通过@MatthewBlancarte 发现查询得到 Null 后,我决定修改代码:

foreach($decode['members'] as $p) {
$mrank = $p['rank'];
$mname = $p['character']['name'];
$mclass = $p['character']['class'];
$mrace = $p['character']['race'];
$mlevel = $p['character']['level'];
$mgender = $p['character']['gender'];

$check = mysql_query("SELECT * FROM user WHERE charactername='$mname'");


while($row = mysql_fetch_array($check)){
    $prank = $row['rank'];
    $pname = $row['charactername'];
    $pclass = $row['class'];
    $prace = $row['race'];
    $plevel = $row['level'];
    $pgender = $row['gender'];
}

if($check == false)
{ 
    die("Sql query failed"); 
}

if(mysql_num_rows($check) != 0)
{   
    if($mlevel != $plevel)
    {
        mysql_query("UPDATE user SET level='$mlevel' WHERE charactername='$mname'");
        $uCount = $uCount + 1; 
        //echo "level $mname<br />"; 
    }

使用 mysql_fetch_array 添加额外的查询 while 循环:

while($row = mysql_fetch_array($check)){
    $prank = $row['rank'];
    $pname = $row['charactername'];
    $pclass = $row['class'];
    $prace = $row['race'];
    $plevel = $row['level'];
    $pgender = $row['gender'];

是什么修复了它,将它与这些变量进行比较是有效的。谢谢大家的帮助。在更多人评论之前是的.. 我会修复 sql 注入.. >.>

于 2012-08-02T05:25:32.610 回答