PHP MySQL 在准备好的语句中围绕匿名变量抛出错误
PHP MySQL throwing error around anonymous variables in prepared statement
当我 运行 准备好的语句时,出现以下错误:
Error: INSERT INTO articles (url, headline, pubDate, source, image_loc) VALUES (?, ?, ?, ?, ?)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?)' at line 6
这是似乎引发错误的代码:
$sql = "INSERT INTO $tableName (`url`,
`headline`,
`pubDate`,
`source`,
`image_loc`)
VALUES(?, ?, ?, ?, ?)";
// MySQLi connection, binds variables to prevent injection, executes
$stmt = $connection->prepare($sql);
$stmt->bind_param('sssss', $url, $headline, $pubDate, $source, $image_loc);
$stmt->execute();
编辑:这是我在单独文件中设置的连接。它的工作原理是一切都被保存了......我只是仍然抛出一个错误。
$servername = "localhost";
$username = "xxxxxx";
$password = "xxxxxx";
$dbname = "news";
$tableName = "articles";
$connection = mysqli_connect($servername, $username, $password, $dbname);
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
再次编辑:这是用来检查插入是否成功的代码,虽然我猜这可能是问题的根源(但我没有足够的经验来理解为什么) :
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
您的代码:
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
...使用 mysqli_query()。这实际上是执行查询的另一种方式,只是与 execute() 不同的是它不使用绑定参数。它只是将查询、问号和所有内容发送到数据库,从而造成您的错误。
如果您想检查错误,您应该在 运行 时检查 execute() 语句的结果,而不是执行进一步的查询。将您的 $stmt->execute() 行替换为类似这样的内容,以执行查询并测试是否成功:
if ($stmt->execute()) {
// Success
} else {
// Failure
}
而不是
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
你应该像这样使用 mysqli::$affected_rows 属性;
if ($connection->affected_rows > 0) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $connection->error() . "<br>";
}
当我 运行 准备好的语句时,出现以下错误:
Error: INSERT INTO articles (
url,headline,pubDate,source,image_loc) VALUES (?, ?, ?, ?, ?) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?)' at line 6
这是似乎引发错误的代码:
$sql = "INSERT INTO $tableName (`url`,
`headline`,
`pubDate`,
`source`,
`image_loc`)
VALUES(?, ?, ?, ?, ?)";
// MySQLi connection, binds variables to prevent injection, executes
$stmt = $connection->prepare($sql);
$stmt->bind_param('sssss', $url, $headline, $pubDate, $source, $image_loc);
$stmt->execute();
编辑:这是我在单独文件中设置的连接。它的工作原理是一切都被保存了......我只是仍然抛出一个错误。
$servername = "localhost";
$username = "xxxxxx";
$password = "xxxxxx";
$dbname = "news";
$tableName = "articles";
$connection = mysqli_connect($servername, $username, $password, $dbname);
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
再次编辑:这是用来检查插入是否成功的代码,虽然我猜这可能是问题的根源(但我没有足够的经验来理解为什么) :
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
您的代码:
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
...使用 mysqli_query()。这实际上是执行查询的另一种方式,只是与 execute() 不同的是它不使用绑定参数。它只是将查询、问号和所有内容发送到数据库,从而造成您的错误。
如果您想检查错误,您应该在 运行 时检查 execute() 语句的结果,而不是执行进一步的查询。将您的 $stmt->execute() 行替换为类似这样的内容,以执行查询并测试是否成功:
if ($stmt->execute()) {
// Success
} else {
// Failure
}
而不是
if (mysqli_query($connection, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}
你应该像这样使用 mysqli::$affected_rows 属性;
if ($connection->affected_rows > 0) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $connection->error() . "<br>";
}