0
Ich habe eine Android-App, die MySQL-Server verwendet, und ich versuche herauszufinden, wie Sie INSERT INTO SELECT-Anweisung verwenden. Hier ist, was ich in meinem PHP-Skript habe. Es funktioniert, wenn ich es mit "harten Code" Werten teste.SQL INSERT INTO SELECT-Anweisung
<?php
require "conn.php";
$UserID = $_POST["UserID"];
$EventID = $_POST["EventID"];
$query = "INSERT INTO Interested (UserID, EventID)
SELECT '$UserID' , '$EventID' FROM Interested
WHERE NOT EXISTS (SELECT UserID, EventID FROM Interested WHERE UserID = '$UserID'
AND EventID = '$EventID') LIMIT 1;";
$result = mysqli_query($conn ,$query);
if(mysqli_num_rows($result) > 0)
{
echo "Interested";
}
else
{
echo "Duplicate";
}
?>
Android gibt mir diese Fehlermeldung
08-24 21:57:39.517 8553-9030/com.example.feelingoodlivinbeta.socialdreams_a1 E/AndroidRuntime: FATAL EXCEPTION: AsyncTask #3
Process: com.example.feelingoodlivinbeta.socialdreams_a1, PID: 8553
java.lang.RuntimeException: An error occurred while executing doInBackground()
at android.os.AsyncTask$3.done(AsyncTask.java:309)
at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:354)
at java.util.concurrent.FutureTask.setException(FutureTask.java:223)
at java.util.concurrent.FutureTask.run(FutureTask.java:242)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)
Caused by: java.lang.ArrayIndexOutOfBoundsException: length=2; index=2
at com.example.feelingoodlivinbeta.socialdreams_a1.InterestedFunction.doInBackground(InterestedFunction.java:32)
at com.example.feelingoodlivinbeta.socialdreams_a1.InterestedFunction.doInBackground(InterestedFunction.java:24)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)
warum Sie wählen var ..? $ UserID, $ Ereignis-ID ?? – scaisEdge
Warum nicht einfach einen eindeutigen Index hinzufügen? –
Ihr Code ist anfällig für [SQL-Injektion] (https://stackoverflow.com/questions/601300/what-is-sql-injection) – litelite