dongnao6858
2012-11-25 00:53
浏览 70
已采纳

PHP PDO插入MySQL错误SQL语法

Well I just started using this new php PDO, and am having this issue. I have a database with a table set up with 19 feilds or so. some are automatically handeled by the database its self, hence the ommitence in the insert section of the code.

The error comes up when the proccess tries to input the phone number into the database. The database is set to accept 12 varchar. The number has 12 varchar as well, but when I look at the debugging info, it looks like the whole function is ommiting the last digit of the phone number and giving me an error of:

array (
  0 => '42000',
  1 => 1064,
  2 => 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \')

I am not sure as to what is going on here. If anyone can point me in the right direction that would be great. Here is my code for the script.

<?php
require_once('../wp-includes/class-phpass.php');

//Create var names
$first_name = $_POST['F_Name'];
$last_name = $_POST['L_Name'];
$phone_number_1 = $_POST['Pnumber1'];
$phone_number_2 = $_POST['Pnumber2'];
$address = $_POST['Address'];
$state = $_POST['State'];
$city = $_POST['City'];
$zip_code = $_POST['Zip'];
$email_1 = $_POST['Email1'];
$email_2 = $_POST['Email2'];
$username = $_POST['Uname'];
$password_1 = $_POST['Pass'];
$jed = $_POST['Jednostka'];
$dob = $_POST['DOB'];
$stopien = $_POST['Stopien'];
$funk = $_POST['FUNK'];
$fullName = $_POST['F_name'].' '.$_POST['L_name'];  
$hasher = new PasswordHash(8, True);
$password = $hasher->HashPassword($password_1);
$ENC =MD5($password_1);
$ERRmsg = "";

    //Checks if any feilds were left empty and creates an error message to display
        if(empty($first_name)) $ERRmsg .= 'You did not enter a First Name!  Pleaase go back and try again! <br/>';
        if(empty($last_name)) $ERRmsg .= 'You did not enter a Last Name!  Please go back and try again! <br/>';
        if(empty($phone_number_1)) $ERRmsg .= 'You did not enter a Phone Number!  Please go back and try again! <br/>';
        if(empty($address)) $ERRmsg .= 'You did not enter an Address!  Please go back and try again! <br/>';
        if(empty($state)) $ERRmsg .= 'You did not choose a State!  Please go back and try again! <br/>';
        if(empty($city)) $ERRmsg .= 'You did not enter a City!  Please go back and try again! <br/>';
        if(empty($zip_code)) $ERRmsg .= 'You did not enter a Zip Code.  Please go back and try again!<br/>';
        if(empty($email_1)) $ERRmsg .= 'You did not enter a Email.  Please go back and try again!<br/>';
        if(empty($email_2)) $ERRmsg .= 'You did not re-enter you Email.  Please go back and try again!<br/>';
        if(empty($username)) $ERRmsg .= 'You did not enter a Username.  Please go back and try again!<br/>';
        if(empty($password_1)) $ERRmsg .= 'You did not enter a password!  Please go back and try again!<br/>';
        if(empty($jed)) $ERRmsg .= 'You did not choose a Jednostka!  Please go back and try again!<br/>';
        if(empty($dob)) $ERRmsg .= 'You did not enter a Date of Birth!  Please go back and try again!<br/>';
        if(empty($stopien)) $ERRmsg .= 'You did not choose a Stopien!  Please go back and try again!<br/>';
        if(empty($funk)) $ERRmsg .= 'You did not enter a Funkcjia!  Please go back and try again!<br/>';
        if($email_1 !== $email_2) $ERRmsg .= 'Your emails did not match!  Please go back and try again!<br/>';

            //Checks to see if error message is empty, if empty does rest of code
            if(empty($ERRmsg))
            {
                try {
                $wdp = new PDO('mysql:host=localhost; dbname=***********', '***********', '***********');
                    echo "<p>Connected to Warta Database</p>
";
                $wdp->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                        //prepare the SQL statement
                            $wdp_insert = $wdp->prepare
                            ("INSERT INTO Users( 
                            F_NAME,
                            L_Name,
                            P_number1,
                            P_number2,
                            Address,
                            City,
                            State,
                            Zip,
                            Email,
                            username,
                            password,
                            Jednostka,
                            DOB,
                            Stopien,
                            Funkcjia,
                            High,
                            Active,
                            user_email,
                            user_login,
                            user_pass,
                            user_nicename,
                            display_name,
                        )
                        VALUES (
                            :fname,
                            :lname,
                            :pnumber1,
                            :pnumber2,
                            :address,
                            :city,
                            :state,
                            :zip,
                            :email,
                            :username,
                            :password,
                            :jednostka,
                            :DOB,
                            :Stopien,
                            :funkcjia,
                            :jednostka,
                            0,
                            :email,
                            :username,
                            :password,
                            :fullname,
                            :fullname,
                        )"
                        );

                                //Bind the paramaters
                                $wdp_insert->bindParam(':fname', $first_name);
                                $wdp_insert->bindParam(':lname', $last_name);
                                $wdp_insert->bindParam(':pnumber1', $phone_number_1);
                                $wdp_insert->bindParam(':pnumber2', $phone_number_2);
                                $wdp_insert->bindParam(':address', $address);
                                $wdp_insert->bindParam(':city', $city);
                                $wdp_insert->bindParam(':state', $state);
                                $wdp_insert->bindParam(':zip', $zip_code);
                                $wdp_insert->bindParam(':email', $email_1);
                                $wdp_insert->bindParam(':username', $username);
                                $wdp_insert->bindParam(':password', $password);
                                $wdp_insert->bindParam(':jednostka', $jed);
                                $wdp_insert->bindParam(':DOB', $dob);
                                $wdp_insert->bindParam(':Stopien', $stopien);
                                $wdp_insert->bindParam(':funkcjia', $funk);
                                $wdp_insert->bindParam(':fullname', $fullName);

                        //Execute the prepared statement
                            $wdp_insert->execute();
                            echo ("<p>Insert complete</p>
");
                } catch (PDOException $ex) {
                $msg = $ex->errorInfo;
                error_log(var_export($msg, true));
                die("<p>Sorry, there was an unrecoverable database error. Debug data has been logged.</p>");
                };

            }
            else {
                echo ($first_name .' '. $ERRmsg);
                exit;
            }

?>

Any help would be great!

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • duanlianyun0462 2012-11-25 00:58
    已采纳

    You shouldn't have a comma after displayname and :fullname, and before the ending parenthesis.

     . . .
     user_nicename,
     display_name,     <-- superfluous comma
    )
    VALUES (
     . . .
     :fullname,
     :fullname,     <-- superfluous comma
    )"
    

    Some languages (e.g. PHP and Perl) permit commas after the last element in a list, but SQL does not.

    打赏 评论
  • duanjinchen5296 2012-11-25 00:59

    Its your SQL

    Remove the last ,

    on display_name, & :fullname,

    打赏 评论

相关推荐 更多相似问题