
Database Error HY000

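My code works fine, but I get this error:

SQLSTATE[HY000]: General error

I searched on Google, and someone said it might be SQLi.
What is this? How can I fix it?
Thanks, and sorry for my bad English.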

    try{
        $db_con = new PDO("mysql:host={$db_host};dbname={$db_name}",$db_user,$db_pass);
        $db_con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // Anti Brute Forced
        $stmt = $db_con->prepare("
            SELECT * FROM users
        ");
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
            $users_username = $row["users_username"];
            $users_password = $row["users_password"];
            $users_wrong_password = $row["users_wrong_password"];
            if ($users_wrong_password <= 3 && isset($_GET["username"],$_GET["password"]) && $_GET["username"] == $users_username && $_GET["password"] != $users_password){
                $u = $users_wrong_password + 1;
                $g = 0;
                $g = $_GET['username'];
                $stmt = $db_con->prepare("
                    UPDATE users
                    SET users_wrong_password = $u
                    WHERE users.users_username = '$g'
                ");
                $stmt->execute();
            }
            if ($_GET["username"] == $users_username && $users_wrong_password >= 4){
                echo "Your Account Was Banned For 1 Hours";
                die;
            }
        }
        $g = $_GET['username'];
        $stmt = $db_con->prepare("SELECT * FROM users where users_username = '$g'");
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
            $ss = $row["users_wrong_password"];
        }
        if($ss <= 3){
            $g = 0;
            $g = $_GET['username'];
            $stmt = $db_con->prepare("
                UPDATE users
                SET users_wrong_password = 0
                WHERE users_username = '{$_GET['username']}'
            ");
            $stmt->execute();
        }
        // Anti Brute Forced

[Solved] Edit:

    $g = $_GET['username'];
    $p = $_GET['password'];
    $stmt = $db_con->prepare("
        SELECT * FROM users where users_username = '$g' and users_password = '$p'
    ");

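I think the same query is being prepared multiple times. The solution is to prepare the query right away.

Code:

    //... your code
    // Prepare the UPDATE once, before the loop, under its own variable name.
    // Placeholders are used because $u and $g have no values yet at this point.
    $stmt1 = $db_con->prepare("
             UPDATE users
             SET users_wrong_password = :u
             WHERE users.users_username = :g
    ");

    $stmt->execute();
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
        $users_username = $row["users_username"];
        $users_password = $row["users_password"];
        $users_wrong_password = $row["users_wrong_password"];
        if ($users_wrong_password <= 3 && isset($_GET["username"],$_GET["password"]) && $_GET["username"] == $users_username && $_GET["password"] != $users_password){
            $u = $users_wrong_password + 1;
            $g = 0;
            $g = $_GET['username'];
            // Runs the UPDATE without overwriting $stmt, so the SELECT loop keeps working.
            $stmt1->execute([':u' => $u, ':g' => $g]);
        }
        //...
    }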

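I ran into this problem in another, similar way.

"Error info": ["HY000"]

How does the "HY000" error happen?

It happens when you update, delete or insert data with PDO and then try to fetch its result.

The solution is simply not to use the fetch or fetchAll methods after executing an update, delete or insert. Of course, fetching its result makes no sense!

Example: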
        $stmt = $db_con->prepare("
            UPDATE users SET name = 'Renato' WHERE ID = 0
        ");
        $stmt->execute();
        $stmt->fetch(PDO::FETCH_ASSOC); // The mistake is here, just remove this line
        $stmt->fetchAll(PDO::FETCH_ASSOC); // It will cause troubles too, remove it

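Solving the problem in a loop

The solution is to change the statement variable name inside the loop, or to fetch everything before starting the loop.

Solution: change the variable name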

        $stmt = $db_con->prepare("
            SELECT * FROM users
        ");
        $stmt->execute();

        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
                // ...
                // This is another statement
                $another_stmt = $db_con->prepare("
                    UPDATE users
                    SET users_wrong_password = $u
                    WHERE users.users_username = '$g'
                ");
                $another_stmt->execute();
        }

Solution: fetch all the data from the query before the loop

        $stmt = $db_con->prepare("
            SELECT * FROM users
        ");
        $stmt->execute();
        
        // Everything is fetched here
        $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
        foreach($results as $row){ // Another way to loop through results
                $stmt = $db_con->prepare("
                    UPDATE users
                    SET users_wrong_password = $u
                    WHERE users.users_username = '$g'
                ");
                $stmt->execute(); // Be happy with no troubles
        }
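
The fixes from the answers above (a separate statement handle for the UPDATE, and no fetch from it) combined with bound parameters, so that `$_GET['username']` never becomes part of the SQL text. This is an added example, not code from the original posts; the `attempt_login` helper, the in-memory SQLite table and the use of `password_hash()` are assumptions made so that it runs stand-alone.

```php
<?php
// Added example, not code from the original posts. An in-memory SQLite table
// with one constructed row stands in for the MySQL `users` table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (
    users_username TEXT PRIMARY KEY,
    users_password TEXT NOT NULL,
    users_wrong_password INTEGER NOT NULL DEFAULT 0)');
$db->prepare('INSERT INTO users (users_username, users_password) VALUES (?, ?)')
   ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

const MAX_FAILURES = 3; // same threshold as the "<= 3" check in the question

// Hypothetical helper: returns 'ok', 'denied' or 'locked'.
function attempt_login(PDO $db, string $username, string $password): string
{
    // Look up one row by bound parameter instead of scanning every user.
    $select = $db->prepare('SELECT users_password, users_wrong_password
                            FROM users WHERE users_username = :u');
    $select->execute([':u' => $username]);
    $row = $select->fetch(PDO::FETCH_ASSOC);
    $select->closeCursor(); // the SELECT is finished before any UPDATE runs

    if ($row === false) {
        return 'denied';
    }
    if ((int) $row['users_wrong_password'] > MAX_FAILURES) {
        return 'locked';
    }
    $ok = password_verify($password, $row['users_password']);

    // The UPDATE gets its own handle and nothing is fetched from it, which is
    // what avoids the HY000 "General error". The increment happens in SQL.
    $update = $db->prepare($ok
        ? 'UPDATE users SET users_wrong_password = 0 WHERE users_username = :u'
        : 'UPDATE users SET users_wrong_password = users_wrong_password + 1
           WHERE users_username = :u');
    $update->execute([':u' => $username]);
    return $ok ? 'ok' : 'denied';
}

// Constructed inputs: a username containing quotes is handled as plain data.
echo attempt_login($db, "alice' OR '1'='1", 'x'), "\n";
for ($i = 0; $i < 5; $i++) {
    echo attempt_login($db, 'alice', 'wrong password'), "\n";
}
echo attempt_login($db, 'alice', 'correct horse'), "\n";
```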

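To help push forward the horizons of human understanding, and because Stack Overflow is a combination of Reddit and Wikipedia, I'm adding the following information to help others.

These error codes are defined by the SQL standard itself and are not specific to MySQL, Postgres or any other database. The HY000 SQLSTATE error code is part of the HYxxx family of error codes, which are used for client-side errors (the calling side):

| SQLSTATE Class | Meaning                                          |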
|----------------|--------------------------------------------------|
| 00xxx          | Unqualified Successful Completion                |
| 01xxx          | Warning                                          |
| 02xxx          | No Data                                          |
| 07xxx          | Dynamic SQL Error                                |
| 08xxx          | Connection Exception                             |
| 09xxx          | Triggered Action Exception                       |
| 0Axxx          | Feature Not Supported                            |
| 0Fxxx          | Invalid Token                                    |
| 0Kxxx          | Resignal When Handler Not Active                 |
| 0Nxxx          | SQL/XML Mapping Error                            |
| 10xxx          | XQuery Error                                     |
| 20xxx          | Case Not Found for Case Statement                |
| 21xxx          | Cardinality Violation                            |
| 22xxx          | Data Exception                                   |
| 23xxx          | Constraint Violation                             |
| 24xxx          | Invalid Cursor State                             |
| 25xxx          | Invalid Transaction State                        |
| 26xxx          | Invalid SQL Statement Identifier                 |
| 2Dxxx          | Invalid Transaction Termination                  |
| 34xxx          | Invalid Cursor Name                              |
| 35xxx          | Invalid Condition Number                         |
| 36xxx          | Cursor Sensitivity Exception                     |
| 38xxx          | External Function Exception                      |
| 39xxx          | External Function Call Exception                 |
| 3Bxxx          | Savepoint Exception                              |
| 3Cxxx          | Ambiguous Cursor Name                            |
| 40xxx          | Transaction Rollback                             |
| 42xxx          | Syntax Error or Access Rule Violation            |
| 44xxx          | WITH CHECK OPTION Violation                      |
| 46xxx          | Java™ Errors                                     |
| 51xxx          | Invalid Application State                        |
| 53xxx          | Invalid Operand or Inconsistent Specification    |
| 54xxx          | SQL or Product Limit Exceeded                    |
| 55xxx          | Object Not in Prerequisite State                 |
| 56xxx          | Miscellaneous SQL or Product Error               |
| 57xxx          | Resource Not Available or Operator Intervention  |
| 58xxx          | System Error                                     |
| 5Uxxx          | Common Utilities and Tools                       |
| HWxxx          | Datalink Exception                               |
| HVxxx          | FDW-specific condition                           |
| HYxxx          | CLI-specific condition                           |

In this case, the HY000 error is a general error:

| SQLSTATE | Description                                                |
|----------|------------------------------------------------------------|
| HY000    | general error                                              |
| HY001    | memory allocation error                                    |
| HY003    | invalid data type in application descriptor                |
| HY004    | invalid data type                                          |
| HY007    | associated statement is not prepared                       |
| HY008    | operation canceled                                         |
| HY009    | invalid use of null pointer                                |
| HY010    | function sequence error                                    |
| HY011    | attribute cannot be set now                                |
| HY012    | invalid transaction operation code                         |
| HY013    | memory management error                                    |
| HY014    | limit on number of handles exceeded                        |
| HY017    | invalid use of automatically allocated descriptor handle   |
| HY018    | server declined the cancellation request                   |
| HY019    | non-string data cannot be sent in pieces                   |
| HY020    | attempt to concatenate a null value                        |
| HY021    | inconsistent descriptor information                        |
| HY024    | invalid attribute value                                    |
| HY055    | non-string data cannot be used with string routine         |
| HY090    | invalid string length or buffer length                     |
| HY091    | invalid descriptor field identifier                        |
| HY092    | invalid attribute identifier                               |
| HY093    | invalid datalink value                                     |
| HY095    | invalid FunctionId specified                               |
| HY096    | invalid information type                                   |
| HY097    | column type out of range                                   |
| HY098    | scope out of range                                         |
| HY099    | nullable type out of range                                 |
| HY103    | invalid retrieval code                                     |
| HY104    | invalid LengthPrecision value                              |
| HY105    | invalid parameter mode                                     |
| HY106    | invalid fetch orientation                                  |
| HY107    | row value out of range                                     |
| HY108    | invalid cursor position                                    |
| HYC00    | optional feature not implemented                           |

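So, in the same way:

  • HTTP status: 400 Bad Request is a general error
  • SQLSTATE: HY000 is a general error

Most databases will also provide more vendor-specific error codes or error messages.

In case anyone thought the HY000 code by itself was useful for anything.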
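
An added example (not from the original answer) of reading the vendor-specific detail mentioned above: PDO exposes it on `PDOException::$errorInfo` as `[SQLSTATE, driver code, driver message]`. The helper name `pdo_error_detail` and the in-memory SQLite table with constructed rows are assumptions made for the example.

```php
<?php
// Added example: split a PDOException into the SQLSTATE, its two-character
// class, and the driver-specific code and message.
function pdo_error_detail(PDOException $e): array
{
    $info = $e->errorInfo ?? [];  // can be null if the driver supplied nothing
    $sqlstate = (string) ($info[0] ?? $e->getCode());
    return [
        'sqlstate'       => $sqlstate,
        'class'          => substr($sqlstate, 0, 2), // e.g. "HY", "23", "42"
        'driver_code'    => $info[1] ?? null,
        'driver_message' => $info[2] ?? $e->getMessage(),
    ];
}

// Constructed setup: one table, one row, then two statements that fail.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (users_username TEXT PRIMARY KEY)');
$db->exec("INSERT INTO users VALUES ('alice')");

$failing = ["INSERT INTO users VALUES ('alice')", 'SELECT * FROM no_such_table'];
foreach ($failing as $sql) {
    try {
        $db->exec($sql);
    } catch (PDOException $e) {
        $detail = pdo_error_detail($e);
        error_log(json_encode($detail));  // full detail stays in the server log
        echo "Database error (SQLSTATE class {$detail['class']})\n"; // generic text for the client
    }
}
```

Keeping the driver message in the log rather than in the response avoids showing table and column names to whoever triggered the error.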
