我见过类似的问题,但是我似乎仍无法解决问题,所以如果这可能是重复的话,我很抱歉。
无论如何这里是代码:
$email = $_POST['emailAddress'];
$username = $_POST['userName'];
$dob = $_POST['dobYear'] . "-" . $_POST['dobMonth'] . "-" . $_POST['dobDay'];
$fname = $_POST['firstName'];
$sname = $_POST['lastName'];
$country = $_POST['country'];
$squestion = $_POST['secretQuestion'];
$sanswer = $_POST['secretAnswer'];
require('db_connect.php');
$insert_stmt = $mysqli->prepare("INSERT INTO users (username, email, password, salt, fname, sname, country, dob, squestion, sanswer) VALUES (:username, :email, :password, :salt, :fname, :sname, :country, :dob, :squestion, :sanswer)");
var_dump($mysqli->error);
$insert_stmt->bind_param(':username', $username); // error is here
$insert_stmt->bind_param(':email', $email);
$insert_stmt->bind_param(':password', $password);
$insert_stmt->bind_param(':salt', $random_salt);
$insert_stmt->bind_param(':fname', $fname);
$insert_stmt->bind_param(':sname', $sname);
$insert_stmt->bind_param(':country', $country);
$insert_stmt->bind_param(':dob', $dob);
$insert_stmt->bind_param(':squestion', $squestion);
$insert_stmt->bind_param(':sanswer', $sanswer);
$insert_stmt->execute();
这是var_dump的输出:
您的SQL语法有错误;检查与您的MySQL服务器版本对应的手册,以便在':username,:email,:password,:salt,:fname,:sname,:country,:dob,:squestion,'at line 1'附近使用正确的语法。
我知道准备线上一定有问题,但我真的没有看到它。
这是db_connect.php以防万一有人想看,但这个文件运行正常:
define("HOST", "localhost"); // The host you want to connect to.
define("USER", "sec_user"); // The database username.
define("PASSWORD", "eKcGZr59zAa2BEWU"); // The database password.
define("DATABASE", "secure_login"); // The database name.
$mysqli = new mysqli(HOST, USER, PASSWORD, DATABASE);
再次,对不起,如果这是重复的,或者我错过了一些blatent和明显的东西。
答案 0 :(得分:2)
类mysqli_stmt不支持命名的SQL参数。此外,mysql_stmt::bind_param()的第一个参数不是SQL参数的名称(因为类mysqli_stmt不支持命名的SQL参数)。
答案 1 :(得分:0)
$insert_stmt = $mysqli->prepare("INSERT INTO users (username, email, password, salt, fname, sname, country, dob, squestion, sanswer) VALUES (?, ?,?, ?, ?, ?, ?, ?, ?, ?)");
相应地更改你的绑定