PDO bindParam与$ _POST无法正常工作

时间:2013-06-07 16:28:05

标签: php select post pdo

我一直在搜索和搜索各种各样的东西,但我无法正常工作。谁能看到我做错了什么?我是PDO的新手,并试图用其他很多东西来解决这个问题。

如果我手动提交值而不是尝试绑定它,我可以得到以下工作,但我想使用占位符。我已经得到了'Array'的值,有时MySQL响应:name导致无效的语法...我已经尝试重新排列bind的值,我只是无法让它给我回复值。我有一个插入部分,并且工作正常,但我在这里和查询本身搞乱了。

我感谢您可以帮助我的任何方向。这让我抓狂:

注意:由于这只是一个测试,所有db包含的是名称和电话列(当我通过这些obsticles时会扩展)。

    <?php
    # VARs
    $host = "MYHOST";
    $db = "MYDB";
    $user = "MYUSER";
    $pw = "MYPW";

    # pdo options/attributes
    $opts = array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION );

    # data source name
    $dsn = "mysql:host=" . $host . ";dbname=" . $db;

    ?>
    <!DOCTYPE html>
    <html>
    <head><title>Test</title>

    </head>
    <body>

    <h3>Test</h3>
    <p>Pull data using PDO</p>
    <form method="POST" action="test.php"><input type="text" name="name"><input type="submit" value="Search"></form><br /><br />
    <hr />

    <? 
        try {

            $DBH = new PDO($dsn, $user, $pw, $opts);
            # $DBH->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

            $STH = $DBH->query('SELECT name, phone FROM directory WHERE name LIKE :name');

            $STH->bindParam(':name', $_POST['name']);

            $STH->setFetchMode(PDO::FETCH_ASSOC);

            while($row = $STH->fetch()) {
                echo $row['name'] . "\n" . $row['phone'] . "<br />";
            }
        }

        catch(PDOException $e) {
            echo "I'm sorry, Dave. I'm afraid I can't do that.<br />";
            echo $e->getMessage();
            # file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);
        }
    ?>

    <hr />

    </body>
    </html>

- - - - - - - - - - - - - 已解决的答案 - - - - - - - - - - - - -

- - - - - - - - - - - - - 已解决的答案 - - - - - - - - - - - - -

感谢下面的回复,这里是对我的查询和pdo布局的更正:

    <? 
        try {

            $DBH = new PDO($dsn, $user, $pw, $opts);
            # $DBH->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

            ####-------Changed query to prepare
            $STH = $DBH->prepare('SELECT name, phone FROM directory WHERE name LIKE :name'); 

            ####-------using bindValue instead of bindParam
            ####-------also using % for wildcards to help with LIKE query (would only give specific search back without)
            $STH->bindValue(':name', '%' . $_POST['name'] . '%'); 

            ####-------was missing execute (had query above instead of prepare)
            $STH->execute();

            $STH->setFetchMode(PDO::FETCH_ASSOC);

            while($row = $STH->fetch()) {
                echo $row['name'] . "\n" . $row['phone'] . "<br />";
            }
        }

        catch(PDOException $e) {
            echo "I'm sorry, Dave. I'm afraid I can't do that.<br />";
            echo $e->getMessage();
            # file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);
        }
    ?>

1 个答案:

答案 0 :(得分:6)

您忘记了$STH->execute();

它应该在$STH->bindParam(':name', $_POST['name']);

之后

您还应该使用$DBH->prepare();代替$DBH->query();

相关问题
最新问题