尝试使用准备好的语句时出现未捕获的异常 'PDOException'
Uncaught exception 'PDOException' when trying to use prepared statements
我是 PDO 的新手,我想了解如何制作准备好的陈述,但我看不出我做错了什么这是我的信息
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: parameter was not defined' in C:\xampp\htdocs\Final\include\addbloguser.php:66 Stack trace: #0 C:\xampp\htdocs\Final\include\addbloguser.php(66): PDOStatement->execute() #1 C:\xampp\htdocs\Final\blogcp.php(49): require('C:\xampp\htdocs...') #2 {main} thrown in C:\xampp\htdocs\Final\include\addbloguser.php on line 66
这是代码。我很确定我犯了很多错误,如果你有时间,你能向我解释我做错了什么以及如何解决吗?
<?php
try {
require SITE_ROOT . '\include\db_connect.php';
}
catch(PDOException $e)
{
echo $e->getMessage();
}
$name = $_POST['fname'];
$lname = $_POST['lname'];
$username = $_POST['username'];
$state = "basic";
$email = $_POST['email'];
$password = $_POST['pass'];
$password1 = $_POST['rpass'];
//verifications
//password
if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password1)){
$error = "Complete all fields";
}
if ($password != $password1){
$error = "Passwords don't match";
}
if (strlen($password) <= 6){
$error = "Choose a password longer than 6 character";
}
if(!isset($error)){
//no error
$sthandler = $conn->prepare("SELECT username FROM blogusers WHERE username = :username");
$sthandler->bindParam(':username', $username);
$sthandler->execute();
if($sthandler->rowCount() > 0){
echo "exists! cannot insert";
} else {
//Securly insert into database
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password) VALUES (:name,:lnane:,:username,:state,:email,:password)';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':name',$name);
$stmt->bindParam(':lname',$lname);
$stmt->bindParam(':username',$username);
$stmt->bindParam(':state',$state);
$stmt->bindParam(':email',$email);
$stmt->bindParam(':password',$password);
$name = $_POST['fname'];
$lname = $_POST['lname'];
$username = $_POST['username'];
$state = "basic";
$email = $_POST['email'];
$password = $_POST['pass'];
$stmt->execute();
}
}else{
echo "error occured: ".$error;
exit();
}
?>
您的插入正在使用 :lnane:,而您正在绑定 :lname。
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password)
VALUES (:name,:lnane:,:username,:state,:email,:password)';
更正后的行如下所示:
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password)
VALUES (:name,:lname,:username,:state,:email,:password)';
我是 PDO 的新手,我想了解如何制作准备好的陈述,但我看不出我做错了什么这是我的信息
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: parameter was not defined' in C:\xampp\htdocs\Final\include\addbloguser.php:66 Stack trace: #0 C:\xampp\htdocs\Final\include\addbloguser.php(66): PDOStatement->execute() #1 C:\xampp\htdocs\Final\blogcp.php(49): require('C:\xampp\htdocs...') #2 {main} thrown in C:\xampp\htdocs\Final\include\addbloguser.php on line 66
这是代码。我很确定我犯了很多错误,如果你有时间,你能向我解释我做错了什么以及如何解决吗?
<?php
try {
require SITE_ROOT . '\include\db_connect.php';
}
catch(PDOException $e)
{
echo $e->getMessage();
}
$name = $_POST['fname'];
$lname = $_POST['lname'];
$username = $_POST['username'];
$state = "basic";
$email = $_POST['email'];
$password = $_POST['pass'];
$password1 = $_POST['rpass'];
//verifications
//password
if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password1)){
$error = "Complete all fields";
}
if ($password != $password1){
$error = "Passwords don't match";
}
if (strlen($password) <= 6){
$error = "Choose a password longer than 6 character";
}
if(!isset($error)){
//no error
$sthandler = $conn->prepare("SELECT username FROM blogusers WHERE username = :username");
$sthandler->bindParam(':username', $username);
$sthandler->execute();
if($sthandler->rowCount() > 0){
echo "exists! cannot insert";
} else {
//Securly insert into database
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password) VALUES (:name,:lnane:,:username,:state,:email,:password)';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':name',$name);
$stmt->bindParam(':lname',$lname);
$stmt->bindParam(':username',$username);
$stmt->bindParam(':state',$state);
$stmt->bindParam(':email',$email);
$stmt->bindParam(':password',$password);
$name = $_POST['fname'];
$lname = $_POST['lname'];
$username = $_POST['username'];
$state = "basic";
$email = $_POST['email'];
$password = $_POST['pass'];
$stmt->execute();
}
}else{
echo "error occured: ".$error;
exit();
}
?>
您的插入正在使用 :lnane:,而您正在绑定 :lname。
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password)
VALUES (:name,:lnane:,:username,:state,:email,:password)';
更正后的行如下所示:
$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password)
VALUES (:name,:lname,:username,:state,:email,:password)';