PHP MySQL查询数据库和WHERE子句

I am learning PHP and MySQL and am having one or two problems with the build.

I have an HTML form that the user inputs their details and the details of a dog. The script then checks the database for the users name and the dogs name. If both exist within the database then the user_ID on the dog table is changed to change the ownership. If the User does not exist then the users details will be inputted into the database and the ownership changed.

I did have the whole thing working but was not using bindParam for the collection from the form and was advised this would be a much better option. This is where the fun started. I am now able to count the rows on the table using the script below, however, I am not able to use the WHERE clause within the SELECT query. I have tried placing "WHERE name_first = :name_first" but this failed with a "Parameter not defined" error.

I need to be able to user both the first and last name of the user to be able to select that users ID from the database.

I also have an other question in regards to the use of prepared statements. If I use the statement at the top of the script to SELECT from the database and all the forms inputs are bound to $STH, how do I then run a different query, for instance how do I INSERT the user details into the database using the same binds?

Could someone please have a look at the script and tell me where I am going wrong please?

<?php

/***mysql username***/
$user = 'root';

/***mysql password***/
$pass = '';

if ($_SERVER['REQUEST_METHOD'] == "POST") {
try {                   
    $DBH = new PDO('mysql:host=localhost;dbname=kennel_cert;', $user, $pass);
    $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $DBH->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    //Queries
    $sql1 = "SELECT user_ID FROM user_details";
    $sql2 = "SELECT dog_ID FROM dog_details";

    $STH = $DBH->prepare("SELECT * FROM user_details");  //Needs a WHERE clause to work
    //var_export($STH);

    //User details form
    $STH->bindParam(':name_first', $_POST['name_first']);
    $STH->bindParam(':name_last', $_POST['name_last']);
    $STH->bindParam(':email', $_POST['email']);
    $STH->bindParam(':telephone', $_POST['telephone']);
    $STH->bindParam(':name_number', $_POST['name_number']);
    $STH->bindParam(':street', $_POST['street']);
    $STH->bindParam(':city', $_POST['city']);
    $STH->bindParam(':county', $_POST['county']);
    $STH->bindParam(':postcode', $_POST['postcode']);

    //Dog details form
    $STH->bindParam(':dog_reg', $_POST['dog_reg']);
    $STH->bindParam(':name', $_POST['name']);
    $STH->bindParam(':microchip', $_POST['microchip']);
    $STH->bindParam(':gender', $_POST['gender']);
    $STH->bindParam(':day', $_POST['day']);
    $STH->bindParam(':month', $_POST['month']);
    $STH->bindParam(':year', $_POST['year']);

    $STH->execute();                                    //Execute the select script

    //Use this to count the users - However without the WHERE it is counting all users not the one submitted into the form
    if($STH->rowCount() > 0) {
        echo "Exists <br>"; }
    else {
        echo "Doesn't exist <br>"; }

    //var_export($userQuery);                           //Displays the contents of the query for testing

    //Find if user exists in database - Again another way of counting the total but not the one inputed into the form
    $userResult = $DBH->query($sql1);

    if ($userResult !== false) {
        $count = $userResult->rowCount();
        echo 'Number of users: '.$count. '<br>';

    foreach($userResult as $row) {
    echo $row['user_ID'].'<br>';
    }
    }

    //Find if dog exists in database - Again another way of counting the total but not the one inputed into the form
    $dogResult = $DBH->query($sql2);

    if ($dogResult !== false) {
        $count = $dogResult->rowCount();
        echo 'Number of dogs: '.$count. '<br>';

    foreach($dogResult as $row) {
    echo $row['dog_ID'].'<br>';
    }
    }



    } catch (PDOException $e) {
        echo $e->getMessage();
        }
        //echo "<p>Data submitted successfully</p>";
}       
//Disconnect from the server
$DBH = null;

?>

OK so I have changed the query to look like this:

$sql = "SELECT user_ID 
        FROM user_details 
        WHERE name_first = :name_first 
        AND name_last = :name_last";

$STH = $DBH->prepare($sql);

When I run this I get this error:

PDOStatement::__set_state(array( 'queryString' => 'SELECT user_ID FROM user_details        WHERE name_first = :name_first AND name_last = :name_last', ))

SQLSTATE[HY093]: Invalid parameter number: parameter was not defined

I am completely lost, I am going round in circle and can not find anything that is helping me to solve this.

I did have the script running as I stated using this setup, however, I was told to use the bindParam for the form and this is killing both the script and me.

<?php

/***mysql username***/
$user = 'root';

/***mysql password***/
$pass = '';

if ($_SERVER['REQUEST_METHOD'] == "POST") {
try {                   
    $DBH = new PDO('mysql:host=localhost;dbname=kennel_cert;', $user, $pass);
    $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $DBH->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    //Queries
    $userQuery = $DBH->query("SELECT user_ID FROM user_details WHERE name_first = '$first' AND name_last = '$last'"); //Checks if the user exists in the database
    $dogQuery = $DBH->query("SELECT dog_ID FROM dog_details WHERE dog_ID = '$dog_reg' AND name = '$name' AND gender = '$gender'"); 

    //User details form
    $first = $_POST['name_first'];
    $last = $_POST['name_last'];
    $email = $_POST['email'];
    $telephone = $_POST['telephone'];
    $name_number = $_POST['name_number'];
    $street = $_POST['street'];
    $city = $_POST['city'];
    $county = $_POST['county'];
    $postcode = $_POST['postcode'];

    //Dog details form
    $dog_reg = $_POST['dog_reg'];
    $name = $_POST['name'];
    $microchip = $_POST['microchip'];
    $gender = $_POST['gender'];
    $day = $_POST['day'];
    $month = $_POST['month'];
    $year = $_POST['year'];

    $u = "";                                                //Variable for counting users
    $d = "";                                            //Variable for counting dogs



    //var_export($userQuery);                           //Displays the contents of the query for testing

    //Find if user exists in database
    foreach($userQuery as $row1) {                      //Count the number of users in the database
    $u++;
    }

    //Find if dog exists in database
    foreach($dogQuery as $row2) {                       //Count the number of dogs in the database
    $d++;
    }

    //The echos are for testing purposes
    echo "Dog ID is: ".$row2['dog_ID']."<br>";          //Finds the ID of the dog and displays it
    echo "User ID is: ".$row1['user_ID']."<br>";        //Finds the ID of the user and displays it
    $newUserID = $row1['user_ID'];                      //Store the ID for future use
    $newDogID = $row2['dog_ID'];                        //Store the ID for future use

    //Perform if both user and dog exist
    if ($u > 0 && $d > 0) {                             //If both the user and the dog exist in the database change the owner of the dog
        echo "Both Match";                              //Confirm both exist
        $q = $DBH->prepare("UPDATE dog_details SET user_ID = '$newUserID' WHERE dog_ID = '$newDogID'");  //update the table to change ownership
        $q->execute();                                  //Execute the change
        }

    // Perform if only dog exists
    elseif ($u == 0 && $d > 0) {                        //If the user does not exist but the dog does.
        echo "Dog matches but user does not exist";     //Confirm what exists
        //Insert user details into user_details table and set the foreign user_ID key in the dog_details table 
        $q1 = $DBH->prepare("INSERT INTO user_details (name_first,name_last,email,telephone,name_number,street,city,county,postcode) VALUES ('$first','$last','$email','$telephone','$name_number','$street','$city','$county','$postcode')");
        $q1->execute();
        echo "<br>Insert complete<br>";*/


        }
    elseif ($u > 0 && $d == 0) {
        echo "The dog does not exist - this is a problem";  
        //Form needs returning with values and asks user to check details
        }
    elseif ($u == 0 && $d == 0) {
        echo "Both don't match";
        }

    } catch (PDOException $e) {
        echo $e->getMessage();
        }
        //echo "<p>Data submitted successfully</p>";
}       
//Disconnect from the server
$DBH = null;

?>

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dpjtn48868 2014-05-10 19:45
关注
Check the manual you need to put the placeholders in the sql before binding parameters:

$query = "SELECT * FROM user_details WHERE name_first = :name_first AND name_last = :name_last AND email = :email etc..."; $STH = $DBH->prepare($query);
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

何时使用Where子句和ON子句加入mysql查询？ mysql php
2017-09-26 09:42

回答 3 已采纳 For that I think you need to move AND u.deleted IS NULL into a WHERE clause. Currently that A
PHP和MySQL动态查询仅返回没有where子句的结果 mysql php
2015-09-05 15:56

回答 2 已采纳 Note you need to put single quotes around the item in xitemID='itemHere': $sql = "SELECT * FROM i
PHP：WHERE子句附近的查询（MySQL）出错 mysql php
2017-08-22 09:18

回答 2 已采纳 First of all, learn about prepared Statements to prevent SQL injection. Second you should add all
MySQL查询随机数据的4种方法和性能对比
2020-12-15 08:45

在MySQL数据库中，查询随机数据是一项常见的需求，但如何高效地实现这一操作却是一门学问。本文将探讨四种不同的方法，并进行性能对比。首先，我们来看最直观但也效率最低的方法——方案一： ```sql SELECT * FROM...
MySQL中的WHERE子句用于选择所有 mysql php sql
2017-11-05 16:44

回答 3 已采纳 The normal way of handling this would be: $lrn= "*"; $stmt = $user_home->runQuery('SELECT * FR
使用多个where子句选择多个查询 mysql php
2019-06-10 18:08

回答 5 已采纳 When making a join query you can specify what column to join on. In this case it would be: select
使用where子句和if语句进行MySQL查询 mysql php
2014-03-27 22:09

回答 3 已采纳 I think this can be done with a single query and varying WHERE conditions. You need to first defin
Java、PHP、Node 操作 MySQL 数据库常用方法
2024-08-05 09:39

老三不说话、的博客在 Java 操作 MySQL 数据库的过程中，关键要点包括选择合适的连接方式（如 JDBC 驱动、连接池或 ORM 框架）以满足不同项目的需求。对于数据操作，使用 PreparedStatement 提高安全性和效率，同时注意合理的索引设计...
MySQL JOIN with where子句和group by count mysql php
2015-12-26 04:46

回答 1 已采纳 It's because by WHERE clause, you are specifying to show only the records which have a value task_
PHP MySQL WHERE子句列名错误 mysql php
2015-10-30 07:58

回答 2 已采纳 You will need quotes in your WHERE part. Like so: $sSix = "SELECT count(*) as count FROM `timers`
mysql中的where子句不起作用 mysql php
2018-01-29 14:03

回答 2 已采纳 Replace ->where('isactive'==1) with ->where('isactive = 1') The first passes the result of
数据库MySQL详解
2018-07-24 20:03

砖业洋__的博客全网最详细MySQL教程，2023持续更新中
【大数据面试】MySQL面试题与答案
2023-12-20 17:36

话数Science的博客数据库中的事务是什么，MySQL中是怎么实现的 MySQL事务的特性? 数据库事务的隔离级别?解决了什么问题?默认事务隔离级别? 脏读，幻读，不可重复读的定义 MySQL怎么实现可重复读? 数据库第三范式和第四范式区别? ...
PHP优化之批量操作MySQL实例分析
2020-10-15 10:01

7. **避免在WHERE子句中使用不等或like操作**，这可能导致全表扫描，降低效率。总之，通过批量操作MySQL，结合事务处理和预编译语句等优化手段，可以显著提升PHP应用处理大数据时的性能。在实际开发中，应该根据...
mysql数据库特征_MySQL数据库之MySQL的特点
2021-01-18 18:59

Cross Maker的博客本文主要向大家介绍了MySQL数据库之MySQL的特点，通过具体的内容向大家展现，希望对大家学习MySQL数据库有所帮助。1．它使用的核心线程是完全多线程，支持多处理器。2．有多种列类型：1、2、3、4、和8字节长度...
没有解决我的问题, 去提问

悬赏问题

¥100 X轴为分离变量（因子变量），如何控制X轴每个分类变量的长度。
¥30 求给定范围的全体素数p的(p-2)的连乘积
¥15 VFP如何使用阿里TTS实现文字转语音？
¥100 需要跳转番茄畅听app的adb命令
¥50 寻找一位有逆向游戏盾sdk 应用程序经验的技术
¥15 请问有用MZmine处理 “Waters SYNAPT G2-Si QTOF质谱仪在MSE模式下采集的非靶向数据” 的分析教程吗
¥50 opencv4nodejs 如何安装
¥15 adb push异常 adb: error: 1409-byte write failed: Invalid argument
¥15 nginx反向代理获取ip，java获取真实ip
¥15 eda：门禁系统设计

PHP MySQL查询数据库和WHERE子句

1条回答 默认 最新

悬赏问题

1条回答默认最新