[英]Having an error with executing my query
Well, I'm creating a registration system for my website but I'm having trouble executing my query. 好了,我正在为我的网站创建一个注册系统,但是执行查询时遇到了麻烦。 I've tried to troubleshoot the problem, but I've had no success. 我试图解决问题,但是没有成功。 Kind of confused :( 有点困惑:(
Here is my code: 这是我的代码:
public function registerUser($username, $password, $email) {
global $core;
if(empty($username) || empty($password) || empty($email)) {
throw new Exception ('A required field was left blank');
} else {
//SQL Query Data
$data['username'] = $username;
$data['password'] = $core->encrypt($password);
$data['email'] = $email;
$data['userKey'] = rand(999999, 100000);
$data['ip'] = $_SERVER['REMOTE_ADDR'];
$data['date'] = time();
//SQL Query
$sql = "INSERT INTO `u_userdata` ('user-key', 'username', 'password', 'email', 'register-ip', 'register-date') VALUES (:userKey, :username, :password, :email, :ip, :date)";
$STH = $this->DBH->query($sql);
$STH->execute($data);
}
}
and here is the error I'm getting: 这是我得到的错误:
Fatal error: Call to a member function execute() on a non-object in C:\xampp\htdocs\community\inc\user.inc.php on line 33
I'm guessing it's an error with the query, but I'm not sure what! 我猜这是查询的错误,但我不确定是什么!
I think you have got PDO::prepare() mixed up with PDO::query() : 我认为您已经将PDO :: prepare()与PDO :: query()混合在一起:
It should be either: 应该是:
$result = $this->DBH->query($sql);
Or: 要么:
$STH = $this->DBH->prepare($sql);
$STH->execute($data);
From the docs: 从文档:
PDO::query() executes an SQL statement in a single function call, returning the result set (if any) returned by the statement as a PDOStatement object. PDO :: query()在单个函数调用中执行一条SQL语句,以PDOStatement对象的形式返回该语句返回的结果集(如果有)。
You would normally use PDO::prepare() if you are going to issue the same statement repeatedly, or if you need to bind parameters. 如果要重复发出同一条语句,或者需要绑定参数,通常可以使用PDO :: prepare() 。 As far as I am aware, it is not possible to bind parameters to your query prior to using PDO::query() . 据我所知,在使用PDO :: query()之前不可能将参数绑定到您的查询。
Note that with PDO::prepare() you can either use PDOStatement::bindParam() to bind parameters prior to calling PDOStatement->execute() , or you can pass the parameters as an array to PDOStatement->execute() . 请注意,使用PDO :: prepare()可以在调用PDOStatement-> execute()之前使用PDOStatement :: bindParam()绑定参数,也可以将参数作为数组传递给PDOStatement-> execute() 。
You also need to prefix your array keys with a colon. 您还需要在数组键前面加上一个冒号。 So the final result would be: 因此最终结果将是:
$data[':username'] = $username;
$data[':password'] = $core->encrypt($password);
$data[':email'] = $email;
$data[':userKey'] = rand(999999, 100000);
$data[':ip'] = $_SERVER['REMOTE_ADDR'];
data[':date'] = time();
//SQL Query
$sql = "INSERT INTO `u_userdata` ('user-key', 'username', 'password', 'email', 'register-ip', 'register-date') VALUES (:userKey, :username, :password, :email, :ip, :date)";
$STH = $this->DBH->prepare($sql);
$STH->execute($data);
You should use ` quote instead of ' in insert query. 您应该在插入查询中使用“引号而不是”。
"INSERT INTO u_userdata
( user-key
, username
, password
, email
, register-ip
, register-date
) VALUES (:userKey, :username, :password, :email, :ip, :date) “将u_userdata
插入u_userdata
( user-key
, username
, password
, email
, register-ip
, register-date
)的值(:userKey,:username,:password,:email,:ip,:date)
the query() function executes the sql statement. query()函数执行sql语句。 you should use the prepare() function. 您应该使用prepare()函数。 i'm assuming that you are using pdo, because of the pdo tag 我假设您正在使用pdo,因为pdo标签
$data[':username'] = $username;
$data[':password'] = $core->encrypt($password);
$data[':email'] = $email;
$data[':userKey'] = rand(999999, 100000);
$data[':ip'] = $_SERVER['REMOTE_ADDR'];
$data[':date'] = time();
//SQL Query
$sql = "INSERT INTO `u_userdata` ('user-key', 'username', 'password', 'email', 'register-ip', 'register-date') VALUES (:userKey, :username, :password, :email, :ip, :date)";
$stmt = $this->DBH->prepare($sql);
$stmt->execute($data);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.