通过coldfusion写入数据库
我正在写一个submit.cfm 文档。我正在尝试将用户信息写入一个空白的新数据库。 这是我的代码:
<cfif ParameterExists(form.submit)>
<cfquery name="AddProfile" datasource="careers_acad_internship">
INSERT INTO internships
VALUES (
'#form.stu_first#', '#form.stu_last#',
#form.stu_id#, '#form.sup_name#',
'#form.sup_email#', #form.sup_phone#,
'#form.emp_name#', '#form.emp_add#',
'#form.spec_obj#', '#form.spec_duties#',
'#form.semester#', #form.intern_year#,
'#form.work_sche#', '#form.digital_sig#')
</cfquery>
但事实证明有一个错误。不知道是语法错误还是其他。
错误消息如下。
第 0 列
ID CFQUERY
24号线
RAW_TRACE 位于 cfsubmit2ecfm1505563048.runPage(D:\web\careers\academicinternship\submit.cfm:24)
模板 D:\web\careers\academicinternship\submit.cfm
类型 CFML
谢谢,
I'm writing a submit.cfm document. I'm trying to write the users info into a blank new database.
Here's my code:
<cfif ParameterExists(form.submit)>
<cfquery name="AddProfile" datasource="careers_acad_internship">
INSERT INTO internships
VALUES (
'#form.stu_first#', '#form.stu_last#',
#form.stu_id#, '#form.sup_name#',
'#form.sup_email#', #form.sup_phone#,
'#form.emp_name#', '#form.emp_add#',
'#form.spec_obj#', '#form.spec_duties#',
'#form.semester#', #form.intern_year#,
'#form.work_sche#', '#form.digital_sig#')
</cfquery>
But it turns out there's an error. I don't know if it's some syntax errors or else.
The error message is below.
COLUMN 0
ID CFQUERY
LINE 24
RAW_TRACE at cfsubmit2ecfm1505563048.runPage(D:\web\careers\academicinternship\submit.cfm:24)
TEMPLATE D:\web\careers\academicinternship\submit.cfm
TYPE CFML
Thanks,
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
您需要包含列名称列表以将值插入到其中
例如:
插入实习(stu_first、stu_last、stu_id、sup_name、sup_email、sup_phone、emp_name、emp_add、sec_obj、spec_duties、semester、intern_year、work.sche、digital_sig)
VALUES('#form.stu_first#','#form.stu_last#',#form.stu_id#,'#form.sup_name#','#form.sup_email#',#form.sup_phone#,'#form.员工姓名#', '#form.emp_add#','#form.spec_obj#','#form.spec_duties#','#form.semester#',#form.intern_year#,'#form.work_sche#','#form. digital_sig#')
当然,假设您的列名称与表单变量名称相同。
You need to include the list of column names to insert the values into
for example:
INSERT INTO internships (stu_first, stu_last, stu_id, sup_name,sup_email,sup_phone,emp_name,emp_add,sec_obj,spec_duties,semester,intern_year,work.sche,digital_sig)VALUES('#form.stu_first#','#form.stu_last#',#form.stu_id#,'#form.sup_name#','#form.sup_email#',#form.sup_phone#,'#form.emp_name#', '#form.emp_add#','#form.spec_obj#','#form.spec_duties#','#form.semester#',#form.intern_year#,'#form.work_sche#','#form.digital_sig#')
Assuming, of course, your column names are the same as your form variable names.
首先,仔细检查您的数据类型,我注意到您引用了一些变量,但没有引用其他变量,请确保以下内容正确。
<cfquery datasource="foobar"> INSERT INTO internships (stu_first,stu_last,stu_id,sup_name,sup_email,sup_phone,emp_name,emp_add,spec_obj,spec_duties,semester,intern_year,work_sche,digital_sig) VALUES( <cfqueryparam value="#form.stu_first#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.stu_last#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.stu_id#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.sup_name#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.sup_email#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.sup_phone#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.emp_name#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.emp_add#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.spec_obj#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.spec_duties#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.semester#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.intern_year#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.work_sche#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.digital_sig#" cfsqltype="cf_sql_varchar" /> ) </cfquery>First, double check your datatypes, I noticed you quoted some variables but not others, make sure the bellow is correct.
<cfquery datasource="foobar"> INSERT INTO internships (stu_first,stu_last,stu_id,sup_name,sup_email,sup_phone,emp_name,emp_add,spec_obj,spec_duties,semester,intern_year,work_sche,digital_sig) VALUES( <cfqueryparam value="#form.stu_first#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.stu_last#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.stu_id#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.sup_name#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.sup_email#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.sup_phone#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.emp_name#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.emp_add#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.spec_obj#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.spec_duties#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.semester#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.intern_year#" cfsqltype="cf_sql_integer" />, <cfqueryparam value="#form.work_sche#" cfsqltype="cf_sql_varchar" />, <cfqueryparam value="#form.digital_sig#" cfsqltype="cf_sql_varchar" /> ) </cfquery>如果您可以发布您收到的错误,这将会有所帮助。
另外,一个巨大的建议——在插入的值上使用 cfqueryparam 来防止 SQL 注入,例如:
仔细检查您的
#符号和刻度线,更不用说这些变量是否存在。有时我会在插入之前放置一个If you can post the error you're receiving, that will help.
Also, a HUGE suggestion -- use cfqueryparam on your inserted values to prevent SQL injection, for example:
Double check your
#signs and your tick marks, not to mention the existence of those variables. Sometimes I will put a<cfabort>before an insert, and with debug output enabled, you can then scroll down and see all of your form variables. I will then copy/paste those to ensure I spell everything correctly.有两件事值得注意:
Two things jump out:
<cfqueryparam>in your insert statement (and every other query in your application). This is to prevent SQL injection and also to improve performance slightly.