以下是UPSERT的解决方案,它使用主键idfill来检查重复项。我只是不确定它是否具有sql注入证明或者甚至是有效的?UPSERT使用InnoDB引擎?
$idq="SELECT idafill FROM afillInfo, actorsInfo
WHERE (actorsInfo.id = afillInfo.id_actor) AND email = '$_SESSION[email]'" or die (mysql_error());
$sql = "INSERT INTO afillInfo (idfill, agency, agentPhone, afillChoice, id_actor)
VALUES (?,?,?,?, (select id FROM actorsInfo WHERE email = ?))
ON DUPLICATE KEY UPDATE
`id_actor` = VALUES(`id_actor`),
`agency` = VALUES(`agency`),
`agentPhone` = VALUES(`agentPhone`),
`afillChoice` = VALUES(`afillChoice`)
";
if (($stmt = $con->prepare($sql)) === false) {
trigger_error($con->error, E_USER_ERROR);
}
$result= mysqli_query($con, $idq);
$row_number = 1;
while ($row = mysqli_fetch_array($result)) {
$idfill= $row["idafill"];
}
if ($stmt->bind_param("sssss",
$idfill,
$_POST["agency"], $_POST["agentPhone"],
$_POST["afillChoice"], $_SESSION["email"]) === false) {
trigger_error($stmt->error, E_USER_ERROR);
}
if (($stmt->execute()) === false) {
trigger_error($stmt->error, E_USER_ERROR);
}
Upsert?插入还是更新? –
与您的问题无关,但将$ _POST变量直接插入SQL语句是不安全的。请参阅http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php –
谢谢我会在稍后解决。 – user2714558