I'm parsing article links from a friend's basketball website using DOM Parser. I want to store these values in my database but I'm getting a syntax error Here's the code:
我正在使用DOM Parser从朋友的篮球网站解析文章链接。我想将这些值存储在我的数据库中,但我得到一个语法错误这是代码:
<?php
include_once ('connect_to_mysql.php');
include_once ('simple_html_dom.php');
$html = file_get_html('http://basket-planet.com/ru/');
$main = $html->find('div[class=mainBlock]', 0);
$items = array();
foreach ($main->find('a') as $m){
$items[] = "$m->plaintext, $m->href";
}
//print_r($items);
$reverse = array_reverse($items);
print_r($reverse);
$sql = mysql_query ("INSERT INTO basket_news (article, link) VALUES ".(implode(',', $reverse))."") or die (mysql_error());
?>
This is the output from the reverse array (sorry, it's in a nother language):
这是反向数组的输出(对不起,它是用其他语言):
Array (
[0] => 07:43 Видео. Дэвид Стерн и арбитры вручают "Лейкерс" победу над "Миннесотой" (1) , /ru/news/9234
[1] => 07:51 "Чикаго" прервал победную серию "Майами" на отметке 27 (0) , /ru/news/9235
[2] => 15:02 Кабмин выделил 200 млн грн на подготовку к Евробаскету (0) , /ru/news/9243
[3] => 20:42 Евролига: ЦСКА ломает мадридский «Реал» (0) , /ru/news/9246
[4] => 21:45 «Уникаха» побеждает в Стамбуле и молится на «Бамберг» (0) , /ru/news/9248 )
And here's the error:
这是错误:
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near
'07:43 Видео. Дэвид Стерн и ' at line 1
What am I doing wrong here? Please advise...
我在这做错了什么?请指教...
2 个解决方案
#1
0
The string is not delimited with quotes and not escaped in your code. The Values string should contained by ( and ) So the right way if you use mysql:
该字符串未使用引号分隔,并且未在代码中进行转义。值字符串应该包含(和)所以如果你使用mysql,那么正确的方法:
$items[] = "('".mysql_real_escape_string($m->plaintext)."','".
mysql_real_escape_string($m->href)."')";
And as the other commenters said, you should try out mysqli, or PDO in php. The query building is easier and safer than mysql_* functions. (And mysql_* functions will be deprecated in the next version of PHP)
正如其他评论者所说,你应该尝试使用php中的mysqli或PDO。查询构建比mysql_ *函数更容易,更安全。 (并且在下一版本的PHP中将弃用mysql_ *函数)
#2
2
Change to:
foreach ($main->find('a') as $m)
{
$items[] = "'$m->plaintext', '$m->href'";
}
And
"INSERT INTO basket_news (article, link) VALUES (" . implode('), (', $reverse) . ")"
Also, ensure you escape your input (or ideally use prepared statements).
另外,确保您逃避输入(或理想情况下使用预准备语句)。
#1
0
The string is not delimited with quotes and not escaped in your code. The Values string should contained by ( and ) So the right way if you use mysql:
该字符串未使用引号分隔,并且未在代码中进行转义。值字符串应该包含(和)所以如果你使用mysql,那么正确的方法:
$items[] = "('".mysql_real_escape_string($m->plaintext)."','".
mysql_real_escape_string($m->href)."')";
And as the other commenters said, you should try out mysqli, or PDO in php. The query building is easier and safer than mysql_* functions. (And mysql_* functions will be deprecated in the next version of PHP)
正如其他评论者所说,你应该尝试使用php中的mysqli或PDO。查询构建比mysql_ *函数更容易,更安全。 (并且在下一版本的PHP中将弃用mysql_ *函数)
#2
2
Change to:
foreach ($main->find('a') as $m)
{
$items[] = "'$m->plaintext', '$m->href'";
}
And
"INSERT INTO basket_news (article, link) VALUES (" . implode('), (', $reverse) . ")"
Also, ensure you escape your input (or ideally use prepared statements).
另外,确保您逃避输入(或理想情况下使用预准备语句)。