MySQL error: `query': Duplicate entry '' for key 3 (Mysql2::Error) on a Ruby file_问答_开发者

MySQL error: `query': Duplicate entry '' for key 3 (Mysql2::Error) on a Ruby file

开发者 https://www.devze.com 2023-03-12 00:25 出处：网络

This is the code I am using # update db client = Mysql2::Client.new(:host => \"localhost\", :username => \"jo151\", :password => \"password\", :database => \"jo151\")

相关专题：insert key ruby

This is the code I am using

# update db
client = Mysql2::Client.new(:host => "localhost", :username => "jo151", :password => "password", :database => "jo151")

details.each do |d|
    if d[:sku] != ""
        price = d[:price].split

        if price[1] == "D"
            currency = 144
        else
            currency = 168
        end

        cost = price[0].gsub(",", "").to_f

        if d[:qty] == ""
            qty = d[:qty2]
        else
            qty = d[:qty]
        end 

        results = client.query("SELECT * FROM jos_virtuemart_products WHERE product_sku = '#{d[:sku]}' LIMIT 1;")
        if results.count == 1
            product = results.first


                            client.query("UPDATE jos_virtuemart_products SET product_sku = '#{d[:sku]}', product_name = '#{d[:desc]}', product_desc = '#{d[:desc]}', product_in_stock = '#{qty}' WHERE virtuemart_product_id = 
    #{product['virtuemart_product_id']};")

                client.query("UPDATE jos_virtuemart_product_prices SET product_price = '#{cost}', product_currency = '#{currency}' WHERE virtuemart_product_id = '#{product['virtuemart_product_id']}';")
            else
                client.query("INSERT INTO jos_virtuemart_products( product_sku, product_name, product_s_desc, product_in_stock)  VALUES('#{d[:sku]}','#{d[:desc]}','#{d[:desc]}','#{d[:qty]}');")
                last_id = client.last_id

                client.query("INSERT开发者_如何学Go INTO jos_virtuemart_product_prices(virtuemart_product_id, product_price, product_currency) VALUES('#{last_id}', '#{cost}', #{currency});")
            end
        end
    end

`query': Duplicate entry '' for key 3 (Mysql2::Error) on line 35:

client.query("INSERT INTO jos_virtuemart_products( product_sku, product_name, product_s_desc, product_in_stock)  VALUES('#{d[:sku]}','#{d[:desc]}','#{d[:desc]}','#{d[:qty]}');")
                last_id = client.last_id

Putting in raw SQL statements with arbitrary strings inlined like this is extremely dangerous. You absolutely must escape any values put into them for your application to work at all. The first description you get with an apostrophe will cause your SQL to fail.

In this case you would use client.quote on each and every one of the strings. No exceptions. You have probably seen tons of press about Sony getting hacked, and it's because of mistakes like this that serious breaches happen.

You should investigate using an ORM to help with this, even something as simple as Sequel or DataMapper, as they provide facilities to make this easy.

The reason you are getting a duplicate key is because you have a unique index on one of the columns you're inserting into, or one of the columns is not specified and has a default value that collides with an existing row.