CREATE EVENT 语句不适用于 PDO?
CREATE EVENT statement not working with PDO?
我似乎一辈子都想不通为什么这个 CREATE EVENT 语句不起作用。我可以从 CLI 将它的等价物直接放入 MariaDB,但由于某些原因,这个不起作用。
echo "unspaced, nexttime, ident, ttime<br />";
var_dump ($unspaced, $nexttime, $ident, $ttime);
echo "<br />";
$neweventstatement = $loginconn->prepare("CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END");
$neweventstatement->bindParam(':eventname', $unspaced, PDO::PARAM_STR);
$neweventstatement->bindParam(':nexttime', $nexttime, PDO::PARAM_INT);
$neweventstatement->bindParam(':id', $ident, PDO::PARAM_INT);
$neweventstatement->bindParam(':tasktime', $ttime, PDO::PARAM_STR);
$neweventstatement->execute();
产生以下输出:
unspaced, nexttime, ident, ttime
string(31) "t682020101400334320201014235504" int(300) int(68) string(19) "2020-10-14 00:33:43"
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? ON SCHEDULE AT CURRENT_TIMESTAMP + ? SECOND DO BEGIN UPDATE tasks SET ended = NULL' at line 1
我也尝试过明显的变体,例如
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECONDS DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime;
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END
DELIMITER ^^ CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END ^^
但似乎没有任何效果。
我觉得我错过了一些明显的东西,但我看不到它。
编辑:出于某种原因,一个狡猾的人将其标记为“为什么哦,为什么我准备好的声明不采用 TABLE 名称。”它不是。我已经对其进行了编辑,以明确问题所在。如下所示,问题是 CREATE EVENT 不能是准备好的语句。
mysql 手册中有关 prepared statements 的部分包含您在准备好的语句中使用的 SQL 语句的列表。 CREATE EVENT 语句未包含在此列表中,因此您不能将其用作准备好的语句。
您必须通过字符串连接创建 sql 语句并照此执行。您必须添加进一步的检查以确保这不会导致 sql 注入漏洞。
我似乎一辈子都想不通为什么这个 CREATE EVENT 语句不起作用。我可以从 CLI 将它的等价物直接放入 MariaDB,但由于某些原因,这个不起作用。
echo "unspaced, nexttime, ident, ttime<br />";
var_dump ($unspaced, $nexttime, $ident, $ttime);
echo "<br />";
$neweventstatement = $loginconn->prepare("CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END");
$neweventstatement->bindParam(':eventname', $unspaced, PDO::PARAM_STR);
$neweventstatement->bindParam(':nexttime', $nexttime, PDO::PARAM_INT);
$neweventstatement->bindParam(':id', $ident, PDO::PARAM_INT);
$neweventstatement->bindParam(':tasktime', $ttime, PDO::PARAM_STR);
$neweventstatement->execute();
产生以下输出:
unspaced, nexttime, ident, ttime
string(31) "t682020101400334320201014235504" int(300) int(68) string(19) "2020-10-14 00:33:43"
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? ON SCHEDULE AT CURRENT_TIMESTAMP + ? SECOND DO BEGIN UPDATE tasks SET ended = NULL' at line 1
我也尝试过明显的变体,例如
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECONDS DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime;
CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END
DELIMITER ^^ CREATE EVENT :eventname ON SCHEDULE AT CURRENT_TIMESTAMP + :nexttime SECOND DO BEGIN UPDATE `tasks` SET ended = NULL WHERE id = :id AND created = :tasktime; END ^^
但似乎没有任何效果。
我觉得我错过了一些明显的东西,但我看不到它。
编辑:出于某种原因,一个狡猾的人将其标记为“为什么哦,为什么我准备好的声明不采用 TABLE 名称。”它不是。我已经对其进行了编辑,以明确问题所在。如下所示,问题是 CREATE EVENT 不能是准备好的语句。
mysql 手册中有关 prepared statements 的部分包含您在准备好的语句中使用的 SQL 语句的列表。 CREATE EVENT 语句未包含在此列表中,因此您不能将其用作准备好的语句。
您必须通过字符串连接创建 sql 语句并照此执行。您必须添加进一步的检查以确保这不会导致 sql 注入漏洞。