0

我正在做的是抓取一个提要并从每个提要项中插入数据。请参阅下面的代码以了解我正在使用的代码。好的。因此,我使用查询运行页面,它将提要加载到 simplexml 中,并在提要中插入前两项,但是当它到达第三项时出现错误。有关我遇到的错误,请参见下文。

我正在使用 PHP5 和 MySQL 5.0.4

PHP代码:

$xml = simplexml_load_file($feed['url']);

foreach($xml->channel->item as $item)
{                       
    $this->query = $this->db->query("
    INSERT INTO `feed_items`
    (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
    VALUES
    ('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '{$item->title}', '{$item->description}', NULL)
    ");
}

错误:

A Database Error Occurred
Error Number: 1064

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'permitted_uri_chars']? That seems risky though. Is it a static page that you're ' at line 4

INSERT INTO `feed_items` (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`) VALUES ('2', 'http://twitter.com/kyct/statuses/4131154118', 'Sun, 20 Sep 2009 20:54:41 +0000', NULL, 'http://twitter.com/kyct/statuses/4131154118', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', NULL)

供稿网址:

http://twitter.com/statuses/user_timeline/6431322.rss

这是此提要的示例:

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
  <channel>
    <title>Twitter / kyct</title>
    <link>http://twitter.com/kyct</link>
    <atom:link type="application/rss+xml" href="http://twitter.com/statuses/user_timeline/6431322.rss" rel="self"/>
    <description>Twitter updates from Kylee Tilley / kyct.</description>
    <language>en-us</language>
    <ttl>40</ttl>
  <item>
    <title>kyct: RT @ruinbox #reddit asploded. Here is the code: http://paste2.org/p/441124</title>
    <description>kyct: RT @ruinbox #reddit asploded. Here is the code: http://paste2.org/p/441124</description>
    <pubDate>Mon, 28 Sep 2009 03:01:34 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4433385042</guid>
    <link>http://twitter.com/kyct/statuses/4433385042</link>
  </item>
  <item>
    <title>kyct: #reddit.com is hitting hit by some worm/exploit in the comments. Viewing comments will cause you to spread this worm/exploit.</title>
    <description>kyct: #reddit.com is hitting hit by some worm/exploit in the comments. Viewing comments will cause you to spread this worm/exploit.</description>
    <pubDate>Mon, 28 Sep 2009 02:22:51 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4432550280</guid>
    <link>http://twitter.com/kyct/statuses/4432550280</link>
  </item>
  <item>
    <title>kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?</title>
    <description>kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?</description>
    <pubDate>Sun, 20 Sep 2009 20:54:41 +0000</pubDate>
    <guid>http://twitter.com/kyct/statuses/4131154118</guid>
    <link>http://twitter.com/kyct/statuses/4131154118</link>
  </item>
  </channel>

</rss>
4

2 回答 2

3

在将“描述”字段输入数据库之前,您需要转义(至少)“描述”字段上的引号:

foreach($xml->channel->item as $item)
{                                       
    $this->query = $this->db->query("
    INSERT INTO `feed_items`
    (`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
    VALUES
    ('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '{$item->title}', '" . mysql_real_escape_string($item->description). "', NULL)
    ");
}

虽然我不确定 mysql_real_escape_string 是否是现在使用得这么多的东西。

于 2009-10-04T21:04:25.277 回答
1 
'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?', 'kyct: @jtkendall Edit your $config['permitted_uri_chars']? That seems risky though. Is it a static page that you're serving?'

您需要转义单引号,如下所示:

"INSERT INTO `feed_items`
(`feed_id`, `guid`, `publish_date`, `update_of`, `link`, `title`, `description`, `comments_link`)
VALUES
('{$feed['id']}', '{$item->guid}', '{$item->pubDate}', NULL, '{$item->link}', '" . mysql_real_escape_string($item->title) . "', '" . 
 mysql_real_escape_string($item->description) . "', NULL)
";
于 2009-10-04T21:03:34.077 回答