0

让它工作的问题:

我把这个查询字符串(作为一个变量):

"query" => 
            "CREATE TABLE 
                users(
                    id INT NOT NULL AUTO_INCREMENT  PRIMARY KEY,
                    date_created DATETIME,     
                    last_active DATETIME,
                    last_logged_in DATETIME,
                    first_name VARCHAR(255),
                    last_name VARCHAR(255),
                    email VARCHAR(255), 
                    password VARCHAR(255),  
                    permissions INT,  
                    status SMALLINT
                )"

进入这个循环:

foreach( $queryStrings as $queryString )
{  
    $query = Database::Query( $queryString[ "query" ] );
    if( $query )
    {
        echo "Database table " . $queryString[ "name" ] . " successfully created<br />"; 
    }
    else
    {     
        echo "Database table " . $queryString[ "name" ] . " failed to create<br />"; 
    }
}

数据库:查询在这里:

    public static function Query( $query )
    {
        $query = self::$mysqli->real_escape_string( trim( $query ) );  

        if ( $query = self::$mysqli->prepare($query) ) 
        {
            $query->execute();   

            $DatabaseQuery = new DatabaseQuery();
                $DatabaseQuery->result = $query->get_result();       
                $DatabaseQuery->mysql_num_rows = $query->num_rows();                 
                $query->close();
                return $DatabaseQuery;                   
        }          

        echo false;
    }

它无法通过:

if ( $query = self::$mysqli->prepare($query) )

它正在准备的字符串在这里:

CREATE TABLE \r\n users(\r\n id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,\r\n date_created DATETIME, \r\n last_active DATETIME,\r\n last_logged_in DATETIME,\r\n first_name VARCHAR(255),\r\n last_name VARCHAR(255),\r\n email VARCHAR(255), \r\n password VARCHAR(255), \r\n permissions INT, \r\n status SMALLINT\r\n )
4

2 回答 2

0

您应该使用从查询字符串中删除\rand\nstr_replace

 $string = str_replace(array("\n", "\r"), '', $string);

或者你也可以这样做preg_replace

$string = preg_replace('/[\r\n]/', '', $string);
于 2013-01-03T17:04:52.937 回答
0

当然,删除换行符是一个错误的答案。

$query = self::$mysqli->real_escape_string( trim( $query ) );应该删除它的整行,因为它通常不应该用于整个查询,并且对于像这样的准备好的查询实际上没有用。

于 2013-01-08T07:50:41.200 回答