你的 SQL 语法错误?
You have an error in your SQL syntax error?
我有这个函数,其中有一个非常简单的 SQL,它在没有语法的地方给出了错误。
function createPetition($conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
//$sql2 = "INSERT INTO petitions (`petitionDate`) VALUES (NOW());";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ./index.php?error=stmtfailed");
exit();
}
/*if (!mysqli_stmt_prepare($stmt, $sql2)) {
header("location: ./index.php?error=stmtdatefailed");
exit();
}*/
mysqli_stmt_bind_param($stmt, "ssss", $pName, $pTarget, $pDescription, $userId);
if (!mysqli_query($conn, $sql)) {
echo "Error description: " . mysqli_error($conn);
} else {
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ./petitionfinal.php?error=none");
exit();
}
}
其结果是
Error description: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?, ?, ?, ?)' at line 1
明确无误时
备注
您可能不应该在函数内部使用 exit:return 是更好的选择。
当您使用绑定参数时,您不能在 query 和 prepare 之间 flip-flop。该参数仅在 execute 语句期间绑定。
如果使用对象样式 methods 与过程样式 functions.
相比,数据库交互会容易得多
问题
您的最终 if 语句有 mysqli_query,它不适用于 prepared 语句和 bound 变量。
它尝试运行 字面值$sql 的查询。这就是错误响应中有 ??? 的原因。
代码示例
function createPetition($conn, $pName, $pTarget, $pDescription, $userId){
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
//$sql2 = "INSERT INTO petitions (`petitionDate`) VALUES (NOW());";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ./index.php?error=stmtfailed");
exit();
}
/*if (!mysqli_stmt_prepare($stmt, $sql2)) {
header("location: ./index.php?error=stmtdatefailed");
exit();
}*/
mysqli_stmt_bind_param($stmt, "ssss", $pName, $pTarget, $pDescription, $userId);
if (!mysqli_stmt_execute($stmt)) {
echo("Error description: " . mysqli_error($conn));
}else{
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ./petitionfinal.php?error=none");
exit();
}
}
首选代码
function createPetition($conn, $pName, $pTarget, $pDescription, $userId){
$sql = "
INSERT INTO petitions
(petitionName, petitionTarget, petitionDescription, usersId)
VALUES
(?, ?, ?, ?)
";
$query = $conn->prepare($sql);
$query->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
if($query->execute()){
return TRUE;
}
else{
// return $mysqli->error;
return false;
}
}
// You should carry out error reporting or re-directs outside of your function.
/*
For example:
$makePetition = createPetition($conn, $pName, $pTarget, $pDescription, $userId);
if($makePetition === TRUE){
header("location: ./petitionfinal.php?error=none");
}
else{
header("location: ./index.php?error=stmtfailed");
}
*/
问题是你的代码中有一个流氓 mysqli_query()。您需要将其删除。
您可能错过了它,因为您的代码太多了。你应该删除大部分。你真的不需要全部。
代码应如下所示:
function createPetition(mysqli $conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
$stmt->execute();
header("location: ./petitionfinal.php?error=none");
exit();
}
但是,在函数内部进行重定向并不是一个好主意。我强烈建议把它从功能中取出来。
function createPetition(mysqli $conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
$stmt->execute();
}
// when you call
createPetition($conn, $pName, $pTarget, $pDescription, $userId);
header("location: ./petitionfinal.php?error=none");
exit();
看看它有多好。现在更容易发现错误。
如果您想知道错误是怎么回事,那么我必须向您指出 How to get the actual mysql error and fix it?
我有这个函数,其中有一个非常简单的 SQL,它在没有语法的地方给出了错误。
function createPetition($conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
//$sql2 = "INSERT INTO petitions (`petitionDate`) VALUES (NOW());";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ./index.php?error=stmtfailed");
exit();
}
/*if (!mysqli_stmt_prepare($stmt, $sql2)) {
header("location: ./index.php?error=stmtdatefailed");
exit();
}*/
mysqli_stmt_bind_param($stmt, "ssss", $pName, $pTarget, $pDescription, $userId);
if (!mysqli_query($conn, $sql)) {
echo "Error description: " . mysqli_error($conn);
} else {
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ./petitionfinal.php?error=none");
exit();
}
}
其结果是
Error description: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?, ?, ?, ?)' at line 1
明确无误时
备注
您可能不应该在函数内部使用
exit:return是更好的选择。当您使用绑定参数时,您不能在
query和prepare之间 flip-flop。该参数仅在execute语句期间绑定。如果使用对象样式
相比,数据库交互会容易得多methods与过程样式functions.
问题
您的最终 if 语句有 mysqli_query,它不适用于 prepared 语句和 bound 变量。
它尝试运行 字面值$sql 的查询。这就是错误响应中有 ??? 的原因。
代码示例
function createPetition($conn, $pName, $pTarget, $pDescription, $userId){
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
//$sql2 = "INSERT INTO petitions (`petitionDate`) VALUES (NOW());";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ./index.php?error=stmtfailed");
exit();
}
/*if (!mysqli_stmt_prepare($stmt, $sql2)) {
header("location: ./index.php?error=stmtdatefailed");
exit();
}*/
mysqli_stmt_bind_param($stmt, "ssss", $pName, $pTarget, $pDescription, $userId);
if (!mysqli_stmt_execute($stmt)) {
echo("Error description: " . mysqli_error($conn));
}else{
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ./petitionfinal.php?error=none");
exit();
}
}
首选代码
function createPetition($conn, $pName, $pTarget, $pDescription, $userId){
$sql = "
INSERT INTO petitions
(petitionName, petitionTarget, petitionDescription, usersId)
VALUES
(?, ?, ?, ?)
";
$query = $conn->prepare($sql);
$query->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
if($query->execute()){
return TRUE;
}
else{
// return $mysqli->error;
return false;
}
}
// You should carry out error reporting or re-directs outside of your function.
/*
For example:
$makePetition = createPetition($conn, $pName, $pTarget, $pDescription, $userId);
if($makePetition === TRUE){
header("location: ./petitionfinal.php?error=none");
}
else{
header("location: ./index.php?error=stmtfailed");
}
*/
问题是你的代码中有一个流氓 mysqli_query()。您需要将其删除。
您可能错过了它,因为您的代码太多了。你应该删除大部分。你真的不需要全部。
代码应如下所示:
function createPetition(mysqli $conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
$stmt->execute();
header("location: ./petitionfinal.php?error=none");
exit();
}
但是,在函数内部进行重定向并不是一个好主意。我强烈建议把它从功能中取出来。
function createPetition(mysqli $conn, $pName, $pTarget, $pDescription, $userId) {
$sql = "INSERT INTO petitions (petitionName, petitionTarget, petitionDescription, usersId) VALUES (?, ?, ?, ?);";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss", $pName, $pTarget, $pDescription, $userId);
$stmt->execute();
}
// when you call
createPetition($conn, $pName, $pTarget, $pDescription, $userId);
header("location: ./petitionfinal.php?error=none");
exit();
看看它有多好。现在更容易发现错误。
如果您想知道错误是怎么回事,那么我必须向您指出 How to get the actual mysql error and fix it?