douguai6716 2015-07-17 06:30
浏览 15
已采纳

查询看起来不错,但我有错误

I have this SQL Query

$sql = $conn->prepare('INSERT INTO Accounts (Status, Username, Password, FirstName, LastName, EmailAddress, API_Status, API_Key, About) VALUES (:Status, :Username, :Password, :FirstName, :LastName, :EmailAddress, :API_Status, API_Key, :About)');
$sql->execute(array('Status' => 'NotActive', 'Username' => $Username, 'Password' => $PasswordHash, 'FirstName' => $FirstName, 'LastName' => $LastName, 'EmailAddress' => $EmailAddress, 'API_Status' => 'OFF', 'API_Key' => $API_Key, 'About' => $Other));

When executing this query I'm using try { and 

catch(PDOException $e) {
   echo $sql . "<br>" . $e->getMessage();
}

Now when I run script Iget this PHP error:

Catchable fatal error: Object of class PDOStatement could not be converted to string in /var/www/html/register.php on line 94

How I can slove this problem?

  • 写回答

2条回答 默认 最新

  • doulu2011 2015-07-17 07:58
    关注

    Problems with question.

    1. Wrong naming. SQL is a text that is passed to prepare(). While returned value is an object. Problem not solved.
    2. Due to wrong naming the OP is trying to echo an object. Problem not solved.
    3. Thanks to the great site of Stack Overflow, the OP is taught terrible wrong way of handling PDO errors, with useless try..catch stuff. Problem not solved.
    4. : is missed for one placeholder. The only problem solved.

    As a result, next time this query throws an exception, THE SAME UTTERLY USELESS and irrelevant error message will be produced.

    What should be done instead?

    $sql = 'INSERT INTO Accounts 
    (Status, Username, Password, FirstName, LastName, EmailAddress,
     API_Status, API_Key, About) 
    VALUES (:Status, :Username, :Password, :FirstName, 
    :LastName, :EmailAddress, :API_Status, :API_Key, :About)';
$data = array(
    'Status' => 'NotActive', 
    'Username' => $Username, 
    'Password' => $PasswordHash, 
    'FirstName' => $FirstName, 
    'LastName' => $LastName, 
    'EmailAddress' => $EmailAddress, 
    'API_Status' => 'OFF', 
    'API_Key' => $API_Key, 
    'About' => $Other
);
$conn->prepare($sql)->execute($data);

    What do we have here?

    • proper naming. if one have a fancy of echoing an SQL query, they will be no mistaken.
    • readability. No long and windy code off the screen, allowing us to visually inspect the query and find the syntax error.
    • corrected placeholder syntax.
    • no statement object is echoed. Neither SQL is, as it makes very little sense in case of a prepared statement.
    • no stupid try..catch block. Means PHP will be able to notify PHP user in case of error occurred.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 关于#hadoop#的问题
  • ¥15 (标签-Python|关键词-socket)
  • ¥15 keil里为什么main.c定义的函数在it.c调用不了
  • ¥50 切换TabTip键盘的输入法
  • ¥15 可否在不同线程中调用封装数据库操作的类
  • ¥15 微带串馈天线阵列每个阵元宽度计算
  • ¥15 keil的map文件中Image component sizes各项意思
  • ¥20 求个正点原子stm32f407开发版的贪吃蛇游戏
  • ¥15 划分vlan后,链路不通了?
  • ¥20 求各位懂行的人,注册表能不能看到usb使用得具体信息,干了什么,传输了什么数据