PHP mysqli 准备语句插入错误
PHP mysqli prepared statement INSERT error
我目前正在尝试设置准备好的声明以允许用户注册我的网页。我的 POST 信息从我的表单正确传递到我的提交页面,如果我删除准备好的语句,我能够在提交时成功插入 ?'s,但是我在当前代码中遇到错误。
<?php
if(isset($_POST['submit'])){
$uid = 'NULL';
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$u = $_POST['u'];
$p = $_POST['p'];
$dob = $_POST['dob'];
$sx = $_POST['sx'];
$pn = $_POST['pn'];
$a = $_POST['a'];
$up = $_POST['CURRENT_TIMESTAMP'];
$c = $_POST['cn'];
$s = $_POST['s'];
$z = $_POST['z'];
require_once('../mysqli_connect.php');
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($mysqli, $query);
if($stmt){
$stmt->bind_param('isssssssssi', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a, $up);
$stmt->execute();
$stmt->close();
}
if (mysqli_query($mysqli, $query)) {
$userid = mysqli_insert_id($mysqli);
echo "Your user ID is ". $userid;
} else {
echo "Error: " . $query . "<br>" . mysqli_error($mysqli);
}
// display error if occurs
var_dump($mysqli);
mysqli_close($mysqli);
?>
这是我收到的错误代码:
Error: INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at line 1
我已经尝试更改 php 的版本,我目前是 运行 5.3,但是当我切换到任何其他版本时,我收到 mysqli class 的错误。我试过回勾并引用 ?'s,但这似乎也不起作用。我希望有人可以扩展关于准备好的陈述的现有内容,因为我已经搜索了高低并且无法找到我的问题的根源。所以,我想我的问题是,如何通过准备好的语句正确传递我的变量,以及我需要在 ? 附近使用什么语法?占位符?
更新代码:
if(isset($_POST['submit'])){
$uid = 'NULL';
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$u = $_POST['u'];
$p = $_POST['p'];
$dob = $_POST['dob'];
$sx = $_POST['sx'];
$pn = $_POST['pn'];
$em = $_POST['em'];
$a = $_POST['a'];
$c = $_POST['cn'];
$s = $_POST['s'];
$z = $_POST['z'];
require_once('../mysqli_connect_aimU.php');
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if (!$stmt = mysqli_prepare($mysqli, $query)) {
echo "Error: ".$stmt->error;
exit();
}
if(!$stmt->bind_param('isssssssss', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a)){
echo "Error: ".$stmt->error;
}
if($stmt->execute()){
$userid = $stmt->insert_id;
echo "Your user ID is ".$userid;
} else {
echo "Error: ".$stmt->error;
}
$cityid= "SELECT id FROM c WHERE cn = '$c' LIMIT 1";
$result = mysqli_fetch_array($cityid);
if ($result != true) {
$query = "INSERT INTO c (cn) VALUES (?)";
if(!$stmt->bind_param('s', $cn)) {
echo "insert error dawg".$stmt->error;
}
if(!$stmt->execute()){
$cityid = $stmt->insert_id;
echo "Your city ID is".$cityid;
} else {
$query = "INSERT INTO ucl (cid, uid) VALUES (?, ?)";
if(!$stmt = mysqli_prepare($mysqli, $query)) {
echo "Error: ".$stmt->error;
exit();
}
if(!$stmt->bind_param('ss', $cityid, $userid)){
echo "Error: ".$stmt->error;
}
if (!$stmt->execute()){
echo "Error: ".$stmt->error;
}
}
}
您已经使用了准备好的语句,因此您不需要再使用 mysqli_query()。您 can/should 在每个步骤中检查错误以帮助识别任何问题。
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if (!$stmt = mysqli_prepare($mysqli, $query))
{
echo "Error: ".$stmt->error;
exit();
}
if (!$stmt->bind_param('isssssssssi', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a, $up))
{
echo "Error: ".$stmt->error;
exit();
}
if ($stmt->execute()) {
$userid = $stmt->insert_id;
echo "Your user ID is ". $userid;
} else {
echo "Error: ".$stmt->error;
}
$stmt->close();
我目前正在尝试设置准备好的声明以允许用户注册我的网页。我的 POST 信息从我的表单正确传递到我的提交页面,如果我删除准备好的语句,我能够在提交时成功插入 ?'s,但是我在当前代码中遇到错误。
<?php
if(isset($_POST['submit'])){
$uid = 'NULL';
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$u = $_POST['u'];
$p = $_POST['p'];
$dob = $_POST['dob'];
$sx = $_POST['sx'];
$pn = $_POST['pn'];
$a = $_POST['a'];
$up = $_POST['CURRENT_TIMESTAMP'];
$c = $_POST['cn'];
$s = $_POST['s'];
$z = $_POST['z'];
require_once('../mysqli_connect.php');
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($mysqli, $query);
if($stmt){
$stmt->bind_param('isssssssssi', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a, $up);
$stmt->execute();
$stmt->close();
}
if (mysqli_query($mysqli, $query)) {
$userid = mysqli_insert_id($mysqli);
echo "Your user ID is ". $userid;
} else {
echo "Error: " . $query . "<br>" . mysqli_error($mysqli);
}
// display error if occurs
var_dump($mysqli);
mysqli_close($mysqli);
?>
这是我收到的错误代码:
Error: INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at line 1
我已经尝试更改 php 的版本,我目前是 运行 5.3,但是当我切换到任何其他版本时,我收到 mysqli class 的错误。我试过回勾并引用 ?'s,但这似乎也不起作用。我希望有人可以扩展关于准备好的陈述的现有内容,因为我已经搜索了高低并且无法找到我的问题的根源。所以,我想我的问题是,如何通过准备好的语句正确传递我的变量,以及我需要在 ? 附近使用什么语法?占位符?
更新代码:
if(isset($_POST['submit'])){
$uid = 'NULL';
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$u = $_POST['u'];
$p = $_POST['p'];
$dob = $_POST['dob'];
$sx = $_POST['sx'];
$pn = $_POST['pn'];
$em = $_POST['em'];
$a = $_POST['a'];
$c = $_POST['cn'];
$s = $_POST['s'];
$z = $_POST['z'];
require_once('../mysqli_connect_aimU.php');
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if (!$stmt = mysqli_prepare($mysqli, $query)) {
echo "Error: ".$stmt->error;
exit();
}
if(!$stmt->bind_param('isssssssss', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a)){
echo "Error: ".$stmt->error;
}
if($stmt->execute()){
$userid = $stmt->insert_id;
echo "Your user ID is ".$userid;
} else {
echo "Error: ".$stmt->error;
}
$cityid= "SELECT id FROM c WHERE cn = '$c' LIMIT 1";
$result = mysqli_fetch_array($cityid);
if ($result != true) {
$query = "INSERT INTO c (cn) VALUES (?)";
if(!$stmt->bind_param('s', $cn)) {
echo "insert error dawg".$stmt->error;
}
if(!$stmt->execute()){
$cityid = $stmt->insert_id;
echo "Your city ID is".$cityid;
} else {
$query = "INSERT INTO ucl (cid, uid) VALUES (?, ?)";
if(!$stmt = mysqli_prepare($mysqli, $query)) {
echo "Error: ".$stmt->error;
exit();
}
if(!$stmt->bind_param('ss', $cityid, $userid)){
echo "Error: ".$stmt->error;
}
if (!$stmt->execute()){
echo "Error: ".$stmt->error;
}
}
}
您已经使用了准备好的语句,因此您不需要再使用 mysqli_query()。您 can/should 在每个步骤中检查错误以帮助识别任何问题。
$query = "INSERT INTO u (userid, fn, ln, username, p, dob, sx, pn, em, a, up)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if (!$stmt = mysqli_prepare($mysqli, $query))
{
echo "Error: ".$stmt->error;
exit();
}
if (!$stmt->bind_param('isssssssssi', $uid, $fn, $ln, $u, $p, $dob, $sx, $pn, $em, $a, $up))
{
echo "Error: ".$stmt->error;
exit();
}
if ($stmt->execute()) {
$userid = $stmt->insert_id;
echo "Your user ID is ". $userid;
} else {
echo "Error: ".$stmt->error;
}
$stmt->close();