我是否需要为每个 MySQL 语句一个新的查询对象?
我正在尝试编译多个 MySQL 语句并在同一请求中执行它们,但我不断收到 MySQL 语法错误:
local.sql = "";
for (local.i in this.hitArray)
{
local.sql &= "UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = #local.i.postId#;";
}
local.service.setSQL(local.sql);
Raw SQL dump (local.sql var):
UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;更新帖子 SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;更新帖子 SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;
看起来查询在第一个语句的末尾就被阻塞了。
I'm trying to compile several MySQL statements and execute them in the same request, but I keep getting a MySQL syntax error:
local.sql = "";
for (local.i in this.hitArray)
{
local.sql &= "UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = #local.i.postId#;";
}
local.service.setSQL(local.sql);
Raw SQL dump (local.sql var):
UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;UPDATE posts SET viewCount = posts.viewCount + 1 WHERE posts.id = 95;
It appears the query is chocking right at the end of the first statement.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
MySQL默认禁用多语句以防止sql注入。您必须添加 allowMultiQueries 标记到您的连接字符串以启用它们。
注意:显然,如果您启用多个语句,那么所有查询都使用 cfqueryparam 或 addParam 非常重要,因为您现在面临 sql 注入的风险。
MySQL disables multiple statements by default to prevent sql injection. You must add the allowMultiQueries flag to your connection string to enable them.
Note: Obviously if you enable multiple statements, it is very important all of your queries use cfqueryparam or addParam because you are now at risk for sql injection.