dpdhnd3577 2016-05-22 01:29
浏览 48
已采纳

PHP pdo插入查询不起作用

<?php
// DATABASE-HOSTNAME-OR-IPADDRESS-GOES-HERE
// MYSQL-DBNAME-GOES-HERE
class LoginHandler {
    public $dbHostname = 'localhost';
    public $dbDatabaseName = 'employee101';
    public $user = 'root';
    public $password = 'root';
    public function handleRequest($arg) {
        $username = '123';
        $password2 = '123';
        $fname = 'John';
        $lname = 'Doe';
        $age = '18';
        if ( ! $username ) {
            $this->fail();
            return;
        }
        try  {
            $dsn = "mysql:dbname={$this->dbDatabaseName};host={$this->dbHostname};port=8888";
            $pdo = new PDO($dsn, $this->user, $this->password);
            $sql="SELECT * FROM `employee_data` WHERE `username`='$username'";
            $stmt = $pdo->query($sql);
            if ( $stmt === false ) {
                echo "DB Critical Error";
                return;
            }
            elseif ( $stmt->rowCount() > 0 ) {
                echo "user already exists";
                return;
            }
            else {
                echo "User created";
                $sql = "INSERT INTO employee_data (name, sumame, age, username, password)
                VALUES ($fname, $lname, $age, $username, $password2)";
                $dsn = "mysql:dbname={$this->dbDatabaseName};host={$this->dbHostname};port=8888";

                $pdo = new PDO($dsn, $this->user, $this->password);
                $stmtz = $pdo->prepare($sql);

                $stmtz->bindParam($fname, $_POST[$fname], PDO::PARAM_STR);
                $stmtz->bindParam($lname, $_POST[$lname], PDO::PARAM_STR);
                $stmtz->bindParam($age, $_POST[$age], PDO::PARAM_STR);
                $stmtz->bindParam($username, $_POST[$username], PDO::PARAM_STR);
                $stmtz->bindParam($password2, $_POST[$password2], PDO::PARAM_STR);

                $resultzzx = $stmtz->execute();
                return;
            }
        }
        catch(PDOException $e) {
            $this->log('Connection failed: ' . $e->getMessage());
            echo "DB Critical Error";
        }
    }
    function log($msg) {
        file_put_contents("login.log", strftime('%Y-%m-%d %T ') . "$msg
", FILE_APPEND);
    }
}
$handler = new LoginHandler();
$handler->handleRequest($_POST);
?>

When attempting to use this script above, I get the echo that the user was created, but even when refreshing the table, the new entry doesn't show up.

Now, if i change the values line to be the following, it will work and show the new entry.

('John', 'Doe', '18', $username, $password2)";

What am i doing wrong? I need the first name, last name and age entries to not be concrete, as i will be obtaining them from a POST on my android device. The whole purpose of this script is to create the user and it's records if it doesn't already exist.

  • 写回答

2条回答 默认 最新

  • dongpao1926 2016-05-22 02:03
    关注

    You have various mistakes.

    1) You are not binding your parameters correctly. To bind them correctly, you place a :variablename in the position you want to include the variable. Usually the "variablename" should be the same as the one you are obtaining from the $_POST superglobal so that the code is cleaner and more readable.

    2) You are not obtaining the values from the $_POST superglobal correctly. The key values you place inside are strings, and by placing an empty $fname variable, you are not going to obtain a correct result. It would only work if you had coding saying $fname = 'fname' somewhere up top hidden from us, however that code itself would be unadvised since it is unnecessary and only makes the source code larger.

    $sql = "INSERT INTO employee_data (name, sumame, age, username, password)
    VALUES (:fname, :lname, :age, :username, :password2)";
    
    $dsn = "mysql:dbname={$this->dbDatabaseName};host=
    {$this>dbHostname};port=8888";
    
    $pdo = new PDO($dsn, $this->user, $this->password);
    
    $stmtz = $pdo->prepare($sql);
    
    $stmtz->bindParam(':fname', $_POST['fname']);
    $stmtz->bindParam(':lname', $_POST['lname']);
    $stmtz->bindParam(':age', $_POST['age']);
    $stmtz->bindParam(':username', $_POST['username']);
    $stmtz->bindParam(':password2', $_POST['password2']);
    

    I hope that helps.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥30 使用C++实现ATM系统
  • ¥20 求帮,直连能连上oracle12,但是thinkphp6就是报错
  • ¥15 paddleocr运行报错
  • ¥15 怎么用 matlab 设计滞后-超前串联校正网络
  • ¥15 MFC引用C#生成的dll,将dll放置到非exe程序目录,如何操作
  • ¥15 C#创建webservice接口,三方通过多次跳转访问本方服务,获取wsdl文档,wsdl中ip地址为局域网内本机地址而非三方直接访问的地址。
  • ¥15 关于#wireshark#的问题:需要安卓app流量数据集要安卓流量做包序列长度的实验,比如某些流量是在看视频还是在发评论
  • ¥15 Smail语句如何使用判断语句跳过验证卡密界面
  • ¥15 关于#wireshark#的问题:并且能够给数据做标注,如这个流量是在看视频或者是在转账
  • ¥15 运筹优化,gurobi,python