sql插入没有错误,但表没有数据
我在钛手机中使用 sqlite。我在同一个数据库中的另一个表上运行更新没有问题,所以我的连接似乎没问题。但是,当我在表上运行插入时,我没有插入任何数据,也没有抛出任何错误/异常。所以我对正在发生的事情感到困惑。这是我的表结构,
CREATE TABLE events (
gCal_uid VARCHAR,
title VARCHAR,
content VARCHAR,
location VARCHAR,
startTime VARCHAR,
endTime VARCHAR,
published VARCHAR,
updated VARCHAR,
eventStatus VARCHAR
);
这是代码。你可以看到下面的插入语句。在变量的输出上,它们都有数据。也许我的语法是错误的?
var db = Ti.Database.open('content');
Titanium.API.info(" number or results returned = " + cal.feed.entry.length);
var i;
for (i=0; i < cal.feed.entry.length; i++){
var e = cal.feed.entry[i];
var calUid = e.gCal$uid.value;
var title = e.title.$t;
var content = e.content.$t;
var location = e.gd$where.valueString;
var startTime = e.gd$when[0].startTime;
var endTime = e.gd$when[0].endTime;
var published = e.published.$t;
var updated = e.updated.$t;
var eventStatus = e.gd$eventStatus.value;
Titanium.API.info(calUid + title + content + location + startTime + endTime + published + updated + eventStatus);
var theData = db.execute('INSERT INTO events (gCal_uid, title, content, location, startTime, endTime, published, updated, eventStatus) VALUES("'+calUid+'","'+title+'", "'+content+'", "'+location+'", "'+startTime+'", "'+endTime+'", "'+published+'", "'+updated+'", "'+eventStatus+'")');
theData;
Ti.API.info("rows inserted" + i);
}
Ti.API.info("closed the db");
db.close();
i'm using sqlite in titanium mobile. i've had no problem running updates on another table, in the same db, so my connection seems to be ok. however, when i run inserts on a table, i'm not getting any data inserted and no error/exception is being thrown. so i'm confused on what is happening. here is my table structure
CREATE TABLE events (
gCal_uid VARCHAR,
title VARCHAR,
content VARCHAR,
location VARCHAR,
startTime VARCHAR,
endTime VARCHAR,
published VARCHAR,
updated VARCHAR,
eventStatus VARCHAR
);
here is the code. you can see the insert statement below. on the output of the variables, they all have data in them. possibly my syntax is wrong?
var db = Ti.Database.open('content');
Titanium.API.info(" number or results returned = " + cal.feed.entry.length);
var i;
for (i=0; i < cal.feed.entry.length; i++){
var e = cal.feed.entry[i];
var calUid = e.gCal$uid.value;
var title = e.title.$t;
var content = e.content.$t;
var location = e.gd$where.valueString;
var startTime = e.gd$when[0].startTime;
var endTime = e.gd$when[0].endTime;
var published = e.published.$t;
var updated = e.updated.$t;
var eventStatus = e.gd$eventStatus.value;
Titanium.API.info(calUid + title + content + location + startTime + endTime + published + updated + eventStatus);
var theData = db.execute('INSERT INTO events (gCal_uid, title, content, location, startTime, endTime, published, updated, eventStatus) VALUES("'+calUid+'","'+title+'", "'+content+'", "'+location+'", "'+startTime+'", "'+endTime+'", "'+published+'", "'+updated+'", "'+eventStatus+'")');
theData;
Ti.API.info("rows inserted" + i);
}
Ti.API.info("closed the db");
db.close();
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
SQL 使用单引号。 Javascript 都使用其中之一。
您希望生成的 SQL 就像您编写的一样
最简单、更正确的等效项是:
但您确实希望使用参数替换来避免注入问题和引用错误,例如
SQL uses single quotes. Javascript uses either.
You want the resulting SQL to be as if you'd written
The simplest more-correct equivalent would be:
But you really want to use parameter substitution to avoid injection issues and quoting errors, e.g.
SQL 字符串文字要用单引号引起来,而不是用双引号引起来。
不是正确的说法。
是正确的SQL语句。
此外,您必须确保您插入的内容被正确转义(但您没有)。因此,在将变量与 SQL 语句的其余部分连接之前,必须将变量中的每个单引号加倍。
SQL string literals are to be surrounded by single quotes, not double quotes.
is not a correct statement.
is a correct SQL statement.
Moreover you MUST ensure that what you insert is properly escaped (which you do not). You must therefore double every single single quote inside your variable before concatenating it with the rest of the SQL statement.