2016-10-03 130 views
0

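Inserting data from a nested array into MySQL using PHP

I have this nested array of JSON data, and I'm trying to insert specific data into a MySQL database. But I'm getting an error, and I have no idea what is wrong with my code. Sorry, I'm still new to PHP/MySQL. Any help is appreciated.

Here is the JSON array: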

[
  {
    "title": "★ (Blackstar)",
    "artist": "David Bowie",
    "year": "2016",
    "genre": "Jazz",
    "media": [
      {
        "totalDiscs": "1",
        "position": "1",
        "tracks": [
          {
            "title": "★ (Blackstar)",
            "number": "1",
            "artists": []
          },
          {
            "title": "'Tis A Pity She Was A Whore",
            "number": "2",
            "artists": []
          },
          {
            "title": "Lazarus",
            "number": "3",
            "artists": []
          },
          {
            "title": "Sue (Or In A Season Of Crime)",
            "number": "4",
            "artists": []
          },
          {
            "title": "Girl Loves Me",
            "number": "5",
            "artists": []
          },
          {
            "title": "Dollar Days",
            "number": "6",
            "artists": []
          },
          {
            "title": "I Can't Give Everything Away",
            "number": "7",
            "artists": []
          }
        ]
      }
    ],
    "score": 1
  }
]

Here is my code:

$json = json_decode($result, true); 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "4tracks"; 

// Create connection 
$conn = new mysqli($servername, $username, $password, $dbname); 
// Check connection 
if ($conn->connect_error) { 
    die("Connection failed: " . $conn->connect_error); 
} else { 
    //echo "connected <br/>"; 
} 



$sql = "INSERT INTO tracks (artist_name) 
VALUES ('".$json[0]['artist']."')"; 

    if (array_key_exists('genre',$json[0])){ 
     $sql = "INSERT INTO tracks (track_genre) 
      VALUES ('".$json[0]['genre']."')"; 

    } 

    foreach($json[0]['media'] as $key => $values){ 


     foreach($values['tracks'] as $key1 => $values1) { 
      $sql .= "INSERT INTO tracks (track_name) 
       VALUES ('".$values1['title']."')"; 


     } 
} 



if ($conn->query($sql) === TRUE) { 
    echo "New record created successfully"; 
} else { 
    echo "Error: " . $sql . "<br>" . $conn->error; 
} 

$conn->close(); 

Here is the output when I run the .php on WAMP:

Error: INSERT INTO tracks (artist_name) VALUES ('David Bowie'); INSERT INTO tracks (track_genre) VALUES ('Jazz');

INSERT INTO tracks (track_name) VALUES ('★ (Blackstar)');

INSERT INTO tracks (track_name) VALUES (''Tis A Pity She Was A Whore');

INSERT INTO tracks (track_name) VALUES ('Lazarus');

INSERT INTO tracks (track_name) VALUES ('Sue (Or In A Season Of Crime)');

INSERT INTO tracks (track_name) VALUES ('Girl Loves Me');

INSERT INTO tracks (track_name) VALUES ('Dollar Days');

INSERT INTO tracks (track_name) VALUES ('I Can't Give Everything Away');

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INSERT INTO tracks (track_genre) VALUES ('Jazz');INSERT INTO tracks (track_n' at line 2---

+2

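Where do you execute this? Are you using a function that supports multiple query execution? You should also use parameterized queries; you never know whether a song/artist will have a quote in it. – chris85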

+0

Show the database schema; I would think you'd want the artist referenced with the 'track_name'. – chris85

+0

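As @chris85 said, your query is actually a set of queries concatenated together. Notice that it chokes at the start of the second query. Also, you could consider normalizing your data structure in the database. – Berniev

Answers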

-1
INSERT INTO tracks (track_name) VALUES (''Tis A Pity She Was A Whore'); 

'Tis - you need to escape that single quote.

$sql = "INSERT INTO tracks (artist_name) 
VALUES ('". addslashes ($json[0]['artist']) ."');"; 
+0

Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly

-1

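Escaping will make sure that no special symbols (such as the quote symbol in the JSON) get parsed by MySQL.

To escape your query, use $mysqli->real_escape_string($my_json);

Always escape whatever you try to insert into the database, or even better, use parameterized or prepared statements (read more here)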

+0

Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/). Even [if you are escaping inputs, it's not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly

+0

Why the downvote? (to everyone) – Jared

+0

Bad advice, and you missed a lot of the OP's errors – RiggsFolly

0

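The most obvious issue is that you are building a string that contains multiple queries. Multiple queries are possible using mysqli_, but not with the method you are using, and it is simpler to execute each query independently.

Also, you were writing one query per column of the tracks table, when you can insert multiple columns into the table in a single query.

Then you will need multiple loops to walk through your JSON data structure; foreach loops are best suited for this.

Additionally, if you use parameterized queries, the problem of quotes in strings like "title": "'Tis A Pity She Was A Whore" is taken care of automatically.

So my suggestion as a solution is: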

<?php 
$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "4tracks"; 

// Create connection 
$conn = new mysqli($servername, $username, $password, $dbname); 
// Check connection 
if ($conn->connect_error) { 
    echo "Connection failed: " . $conn->connect_error; 
    exit; 
} 

$j = file_get_contents('tst.json'); 

$json = json_decode($j); 
if (json_last_error() !== JSON_ERROR_NONE) {
    // stop here: $json is not usable if decoding failed
    echo json_last_error_msg();
    exit;
}

// Notice we prepare the query ONCE, but later execute it many times 
// with different data in the parameters 

$sql = "INSERT INTO tracks (artist_name, track_genre, track_name) VALUES (?,?,?)"; 
$stmt = $conn->prepare($sql); 
// check the prepare worked, if not report errors and exit 
if (! $stmt) { 
    echo $conn->error; 
    exit; 
} 
// bind the variables names to the ? place holders 
// the variables at this point do not have to exists, or have data in them 
$stmt->bind_param('sss', $artist, $genre, $title); 


foreach ($json as $cd) {

    // genre is optional in the source data; insert NULL when it is absent
    $genre = isset($cd->genre) ? $cd->genre : null;

    foreach ($cd->media as $media) {

        foreach ($media->tracks as $track) {

            // load the bound variables with the data for this insert execution
            $artist = $cd->artist;
            $title = $track->title;

            $result = $stmt->execute();
            // check the insert worked, if not report the statement error
            if (!$result) {
                echo $stmt->error;
                exit;
            }
        }
    }
}

$stmt->close();
$conn->close();
+0

After some minor tweaks, the code works! Learned a lot from this. Thank you, sir. Cheers! –
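
An added example, not code from the question or from any answer: the same import with the data normalized into albums and tracks tables, as suggested in the comments, using prepared statements inside a transaction so a failure part-way through leaves no half-imported album. PDO with in-memory SQLite stands in for mysqli/MySQL so it runs without a server; the schema, column names and shortened sample JSON (genre left out on purpose) are assumptions.

```php
<?php
// Added example. PDO with in-memory SQLite stands in for mysqli/MySQL so it
// runs without a server; the schema and the shortened JSON are constructed.
$json = '[{"title":"★ (Blackstar)","artist":"David Bowie","year":"2016",
  "media":[{"tracks":[{"title":"★ (Blackstar)","number":"1"},
    {"title":"\'Tis A Pity She Was A Whore","number":"2"},
    {"title":"I Can\'t Give Everything Away","number":"7"}]}]}]';

$albums = json_decode($json, true);
if (json_last_error() !== JSON_ERROR_NONE) {
    exit('Invalid JSON: ' . json_last_error_msg());
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('PRAGMA foreign_keys = ON');
$db->exec('CREATE TABLE albums (id INTEGER PRIMARY KEY, artist TEXT NOT NULL,
           title TEXT NOT NULL, genre TEXT)');
$db->exec('CREATE TABLE tracks (id INTEGER PRIMARY KEY, number INTEGER NOT NULL,
           album_id INTEGER NOT NULL REFERENCES albums(id), title TEXT NOT NULL)');

// Prepared once, executed many times: values are sent as data, never as SQL
// text, so the apostrophes in the titles need no escaping.
$insAlbum = $db->prepare('INSERT INTO albums (artist, title, genre) VALUES (?, ?, ?)');
$insTrack = $db->prepare('INSERT INTO tracks (album_id, number, title) VALUES (?, ?, ?)');

$db->beginTransaction(); // the whole import commits together or not at all
try {
    foreach ($albums as $cd) {
        $genre = isset($cd['genre']) ? $cd['genre'] : null; // optional field -> NULL
        $insAlbum->execute([$cd['artist'], $cd['title'], $genre]);
        $albumId = $db->lastInsertId();
        foreach ($cd['media'] as $media) {
            foreach ($media['tracks'] as $track) {
                $insTrack->execute([$albumId, (int) $track['number'], $track['title']]);
            }
        }
    }
    $db->commit();
} catch (Exception $e) {
    $db->rollBack();
    exit('Import failed, nothing was written: ' . $e->getMessage());
}

// Read the rows back to confirm the quoted titles were stored unchanged.
foreach ($db->query('SELECT number, title FROM tracks ORDER BY number') as $row) {
    echo $row['number'], ' ', $row['title'], PHP_EOL;
}
```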