我正在使用PDO创建用户注册系统,并尝试将用户表单数据插入数据库表。非常简单,但是将错误的值输入数据库。输入数据库的值包括:username,:password,:email_address,:city等,而不是从表单传递给函数的值。知道我做错了什么吗?我尝试使用bindParam和bindValue但有类似的结果,并根据其他帖子我得出结论,使用数组是最好的方法。帮助!
function add_user($username, $password, $email, $fName, $lName, $address, $city, $state, $zip, $phone ) {
global $db;
$sql = "INSERT INTO alumni_user_info
(username, password, email_address, first, last, address, city, state, zip_code, phone)
VALUES
(':username', ':password', ':email_address', ':first', ':last', ':address', ':city', ':state', ':zip_code', ':phone')";
$sth = $db->prepare($sql);
$result = $sth -> execute(array(':username' => $username, ':password' => $password, ':email_address' => $email, ':first' => $fName, ':last' => $lName, ':address' => $address, ':city' => $city, ':state' => $state, ':zip_code' => $zip, ':phone' => $phone));
if ($sth->execute()) {
$success = "Registration successful";
return $success;
} else {
var_dump($result->errorInfo());
$success = "Registration failed";
return $success;
}
答案 0 :(得分:3)
请勿使用参数引号。它将被转义,因为你已经绑定了参数。
$sql = "INSERT INTO alumni_user_info
(username, password, email_address, first, last, address, city, state, zip_code, phone)
VALUES
(:username, :password, :email_address, :first, :last, :address, :city, :state, :zip_code, :phone)";
如果您执行此类操作':username',PDO会将其视为字符串。