无法使用PDO连接到MySQL服务器[重复]

This question already has an answer here:

How can I get useful error messages in PHP? 26 answers

I'm trying to prevent SQL injection using PDO, but I can't seem to connect. This is the working version - not SQL injection safe:

<html>
    <head>
    <title>Insert data into database</title>
    </head>
    <body>
    <?php


    session_start();
    $_SESSION['name'] = $_POST['name'];

    // Connect to database server
    mysql_connect("localhost", "********", "********") or die(mysql_error());

    // Select database
    mysql_select_db("mydatabase") or die(mysql_error());

    // The SQL statement is built

    $strSQL = "INSERT INTO mytable(name) VALUES('" . $_POST["name"] . "')";

    // The SQL statement is executed 
    mysql_query($strSQL) or die (mysql_error());



    // Close the database connection
    mysql_close();

    echo "Your name is " . $_POST["name"] ; 

    ?>

    </body>
    </html>

This is working just fine. I read these pages on how to use PDO to protect against SQL injection attacks:

http://www.w3schools.com/php/php_mysql_connect.asp

http://www.w3schools.com/sql/sql_injection.asp

and wrote the following code following the guideline:

<html>
    <head>
    <title>Insert data into database</title>
    </head>
    <body>
    <?php


    session_start();
    $_SESSION['name'] = $_POST['name'];

    $servername = "localhost";
    $username = "********";
    $password = "********";

    try {
        $conn = new PDO("mysql:host=$servername, dbname=mydatabase", $username, $password);
        // set the PDO error mode to exception
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        echo "Connected successfully";
        }
    catch(PDOException $e)
        {
        echo "Connection failed: " . $e->getMessage();
        }

    echo "You have connected to the database server with PDO"

    // The SQL statement is built
    $stmt = $dbh->prepare("INSERT INTO mytable (name)
    VALUES (:name)");
    $stmt->bindParam(':name', $_POST['name']);
    $stmt->execute();


    // Close the database connection
    mysql_close();

    echo "Your name is " . $_POST["name"] ; 

    ?>

    </body>
    </html>

But this code just gives me a blank page - no error message and nothing inserted into the database.

I also tried doing the connection as described in

http://www.stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php

but the result was the same - a blank page without error messages.

What am I doing wrong?

</div>

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongzhuo3376 2015-07-19 18:19
关注
You're using the wrong variable for $stmt = $dbh->prepare

which should be $conn and not $dbh as per your connection.

Having used error reporting, would have signabled an undefined variable dbh notice/warning.

You also can't use mysql_close(); with PDO as you are mixing APIs, which you can't do.

See Example #3 Closing a connection of "Connections and Connection" in the manual http://php.net/manual/en/pdo.connections.php

Another thing session_start(); is best to be above anything. You may be outputting before header.

Edit: You forgot a semi-colon in this line:

echo "You have connected to the database server with PDO"

which should read as

echo "You have connected to the database server with PDO";

which will break your code.

Error reporting would also have caught that syntax/parse error.

http://php.net/manual/en/function.error-reporting.php

Add error reporting to the top of your file(s) which will help find errors.

<?php error_reporting(E_ALL); ini_set('display_errors', 1); // rest of your code

Sidenote: Error reporting should only be done in staging, and never production.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

无法使用PDO连接到MySQL服务器[重复] mysql php
2015-07-19 18:13

回答 1 已采纳 You're using the wrong variable for $stmt = $dbh->prepare which should be $conn and not $dbh
如何使用PHP函数使用PDO连接到MySQL [关闭] mysql php
2019-08-19 17:03

回答 1 已采纳 1) As referenced by HTMHell, your $config array is local here and I believe this should be delete
在外部PHP文件中使用PDO连接mysql数据库[重复] mysql php
2015-07-17 10:18

回答 2 已采纳 In your code, you first create a connection to the database, then you set it to null. Whenever you
mysql大数据更新缓存_redis缓存mysql
2021-02-07 14:56

weixin_32243075的博客 mysqludf_json.so lib_mysqludf_json.c 将lib_mysqludf_json.so模块拷贝到mysql的插件目录 cp lib_mysqludf_json.so /usr/lib64/mysql/plugin/ 注册UDF函数（只用于mysql5.7以前的版本，5.7以后mysql自带JSON格式...
使用PDO从PHP无法连接到MySQL mysql php
2014-05-24 13:49

回答 1 已采纳 mysql:host=localhost;dbname=;pizzadb3 Needs to be: mysql:host=localhost;dbname=pizzadb3;
MySQL服务器在PHP中使用PDO连接已经消失 mysql php
2015-12-27 00:35

回答 1 已采纳 I had to upgrade MySQL to version 5.7.10 and now everything is working correctly.
PDO不连接到远程mysql数据库 mysql php
2017-07-31 06:30

回答 1 已采纳 Assuming your database contains tables, try running the following: $statement = $DBH->query('S
php查询mysql表里的数据_PHP/MYSQL 查询大数据/遍历表
2020-12-19 14:59

weixin_39602891的博客 PHP：PHP 5.3.6 (cli) (built: Jun 15 2011 16:29:50)MYSQL：5.1.51如果我们有的一张表有几百万或几千万的记录，我们要使用 PHP 将所有的记录都获取过来(遍历数据表)进行处理。查询语句：SELECT * FROM largetable;...
如何配置wampserver使用PDO连接到mssql服务器？ php
2014-12-09 15:58

回答 3 已采纳 I have uninstalled WampServer64 and installed WampServer32. Then everything is OK now. My connect
PDO：MySQL服务器已经消失，无法捕获异常 mysql php
2018-10-07 02:46

回答 1 已采纳 As determined in the comments, you're running this code within another namespace. This means that
PHP / PDO连接到Mysql，但查询似乎没有执行 mysql php
2015-05-05 04:14

回答 1 已采纳 I think you should correct this row, by removing ' around :date & :reason - like this: "` SET `r
mysql大批量插入数据的4种方法示例
2020-12-16 05:23

这种方法是通过将数据文件上传到MySQL服务器，然后使用LOAD DATA INFILE语句快速导入数据。这种方法非常高效，特别适合处理大数据量的导入。在PHP中，可以通过PDO扩展配置`MYSQL_ATTR_LOCAL_INFILE`选项来启用此功能...
无法使用PDO连接到数据库 php
2015-04-07 07:00

回答 1 已采纳 It seems like your paths for autoloading your classes is wrong, please try the following: spl_aut
PDO操作大数据对象
2020-11-26 18:02

码农老张Zy的博客 PDO操作大数据对象一般在数据库中，我们保存的都只是 int 、 varchar 类型的数据，一是因为现代的关系型数据库对于这些内容会有很多的优化，二是大部分的索引也无法施加在内容过多的...
Mysql中返回一个数据库的所有表名,列名数据类型备注
2020-12-15 13:53

`命令可以列出当前MySQL服务器上的所有数据库。若要切换到特定数据库，可以使用`USE 数据库名;`命令。然后，可以使用`SHOW TABLES;`来查看该数据库内的所有表。 2. **查询列信息** 要获取某个表的列信息，包括列名...
mysql 大数据 查询优化原则
2017-05-18 16:37

大树叶的博客今天，数据库的操作越来越成为整个应用的性能瓶颈了，这点对于Web应用尤其明显。...这里，我们不会讲过多的SQL语句的优化，而只是针对MySQL这一Web应用最多的数据库。希望下面的这些优化技巧对你有用。　
PHP导出MySQL数据到Excel文件(fputcsv)
2020-12-17 23:48

然而，对于非常大的数据集，可能需要考虑其他解决方案，如分批处理、使用服务器端缓存或者借助专门处理大数据导出的库，如PHPExcel。总结起来，使用`fputcsv`函数和适当的技术手段，我们可以高效地将MySQL数据库中...
php+mysql导出大数据
2019-03-13 16:51

来自农村的小伙子的博客 $pdo = new \PDO('mysql:host=127.0.0.1;dbname=test', 'root', 'root'); $pdo->setAttribute(\PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, false); $rows = $pdo->query($sql); $filename = date('Ymd') . '.csv'; //设置...
PHP_MySQL.tar.gz_PHP + mysql_mysql 教程_mysql教程_php_php mysql
2022-09-14 16:15

1. 连接MySQL：PHP通过mysqli或PDO扩展与MySQL建立连接。mysqli是MySQL Improved Extension，支持面向对象和过程式两种编程风格；PDO（PHP Data Objects）则提供了一种统一的接口来访问多种数据库。 2. 数据库操作...
用PDO存取图片等大数据对象
2017-12-09 23:32

u012600104的博客一般我们存储图片和视频等大数据是这样的：把图片或视频上传到服务器，然后，把图片或视频的路径保存到数据库表里面，当查询时可以搜索一下数据库表，然后，拼接一个图片或视频路径，显示到浏览器上面。pdo存储...
没有解决我的问题, 去提问

悬赏问题

¥15 metadata提取的PDF元数据，如何转换为一个Excel
¥15 关于arduino编程toCharArray()函数的使用
¥100 vc++混合CEF采用CLR方式编译报错
¥15 coze 的插件输入飞书多维表格 app_token 后一直显示错误，如何解决？
¥15 vite+vue3+plyr播放本地public文件夹下视频无法加载
¥15 c#逐行读取txt文本，但是每一行里面数据之间空格数量不同
¥50 如何openEuler 22.03上安装配置drbd
¥20 ING91680C BLE5.3 芯片怎么实现串口收发数据
¥15 无线连接树莓派，无法执行update，如何解决？（相关搜索：软件下载）
¥15 Windows11, backspace, enter, space键失灵

无法使用PDO连接到MySQL服务器[重复]

1条回答 默认 最新

悬赏问题

1条回答默认最新