douluchuo0801 2018-05-31 05:41
浏览 106
已采纳

PHP pdo:使用参数两次时参数号无效?

I have the Problem, that I can not use an SQL-Statement in PDO (PHP/mysql), when I use a positional parameter twice:

SELECT `ID` FROM `_LOGIN_` WHERE `LoginName` = :loginName AND `sha512`= SHA2(CONCAT(:pw, (SELECT `salt` FROM `_LOGIN_` WHERE `LoginName` = :loginName)), 512)

As you can see, I use ":loginName" twice. So the following error message appears:

PHP Fatal error:  Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number in ...

Am I missing something or is there another way to prepare the statement, so I can use parameters multiple times?

Here follows the complete code to reproduce:

<!DOCTYPE html>
<html>
  <head>
    <title>pdo</title>   

    <meta   charset = "utf-8" />
  </head>

  <body>
      <h1>PDO Prepare</h1>

      <!--
      DB:

DROP   DATABASE IF EXISTS `pdoTestDB`;
CREATE DATABASE           `pdoTestDB`;
ALTER  DATABASE           `pdoTestDB` DEFAULT CHARACTER SET 'utf8' DEFAULT COLLATE 'utf8_general_ci';

CREATE TABLE `_LOGIN_` (
 `ID`           int(11)      NOT NULL
,`LoginName`    TEXT         NOT NULL 
,`SALT`         varchar(  6) NOT NULL 
,`sha512`       varchar(128) NOT NULL 
,`registerTS`   TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP 
,`lastLoginTS`  TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP 
, PRIMARY KEY (`ID`)
) ;

SELECT @SALT:=SUBSTRING(MD5(RAND()) FROM 1 FOR 6);

INSERT INTO `_LOGIN_`
(`ID`, `LoginName`, `salt`, `sha512`                                     , `registerTS`         ) VALUES
(   1, 'muma'      , @SALT, SHA2(CONCAT('123', @SALT), 512), '2018-06-04'         );
      -->

<?php
$PDOcharset = 'utf8mb4';
// set data source name:
$dsn = "mysql:host=localhost;dbname=pdoTestDB;charset=$PDOcharset";
$opt = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    PDO::ATTR_EMULATE_PREPARES   => false,
];
$pdo = new PDO($dsn, "santisPHP", "123", $opt);

// the sql
$sql = "SELECT `ID` FROM `_LOGIN_` WHERE `LoginName` = :loginName AND `sha512`= SHA2(CONCAT(:pw, (SELECT `salt` FROM `_LOGIN_` WHERE `LoginName` = :loginName)), 512)";

$stmt = $pdo->prepare($sql);

$paramsAssoc = ['loginName' => "muma", 'pw' => "123"];
        //echo $paramsAssoc;
var_dump($stmt);
var_dump($paramsAssoc);

$result = $stmt->execute($paramsAssoc);

$fetched = $stmt->fetch();

echo "stmt: ";
var_dump($stmt);
echo "<br />";

echo "result: ";
var_dump($result);
echo "<br />";

echo "fetched: ";
var_dump($fetched);
echo "<br />";
?>

  </body>

</html>
  • 写回答

3条回答 默认 最新

  • douba9020 2018-05-31 06:48
    关注

    Alternatively, you could change your settings to PDO::ATTR_EMULATE_PREPARES => true. This will allow you to bind the same named parameter multiple times by preparing the statements in PDO itself, rather than on the MySQL server.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度