无法运行查询:SQLSTATE [42000]:[Microsoft] [SQL Server Native Client 11.0] [SQL Server]''附近的语法不正确

时间:2013-12-19 10:33:10

标签: php sql sql-server sql-server-2008

我正在使用PDO连接到运行在azure中的Microsoft Server,并且我一直收到错误:

这是我写的函数(insertUser):

private function generateSalt()
{
    return dechex(mt_rand(0, 4453456454)) . dechex(mt_rand(0, 543545435));
}

private function hashPassword($originalPassword, $salt)
{
    for($round = 0; $round < 65536; $round++)
    {
        $password = hash('sha256', $password . $salt);
    }

    return $password;
}

private function insertUser()
{
    $salt = $this->generateSalt();
    $password = $this->hashPassword($_POST['password'], $salt);

    $query = "INSERT INTO dbo.[User]
                            ( Title ,
                              FirstName ,
                              MiddleName ,
                              LastName ,
                              Gender ,
                              DOB ,
                              Email ,
                              Phone ,
                              Mobile ,
                              HomeAddress ,
                              HomePostCode ,
                              HomeSuburb ,
                              HomeState ,
                              HomeCountry ,
                              BrowserDetails ,
                              IsActive ,
                              Password ,
                              Salt ,
                              LastLogin ,
                              CompanyID ,
                              Created ,
                              CreatedBy ,
                              LastModified ,
                              LastModifiedBy ,
                              Username ,
                              UserRole
                            )
                    VALUES  ( @title , -- Title - varchar(50)
                              @firstname , -- FirstName - varchar(100)
                              @middlename , -- MiddleName - varchar(100)
                              @lastname , -- LastName - varchar(100)
                              @gender , -- Gender - varchar(20)
                              @dob , -- DOB - datetime
                              @email , -- Email - varchar(200)
                              @phone , -- Phone - varchar(50)
                              @mobile , -- Mobile - varchar(50)
                              @homeaddress , -- HomeAddress - varchar(100)
                              @homepostcode , -- HomePostCode - varchar(10)
                              @homesuburb , -- HomeSuburb - varchar(50)
                              @homestate , -- HomeState - varchar(20)
                              @homecountry , -- HomeCountry - varchar(200)
                              @browserdetails , -- BrowserDetails - varchar(500)
                              1 , -- IsActive - bit
                              @password , -- Password - varchar(500)
                              @salt , -- Salt - varchar(50)
                              GETDATE() , -- LastLogin - datetime
                              @companyid , -- CompanyID - int
                              GETDATE() , -- Created - datetime
                              user , -- CreatedBy - varchar(50)
                              NULL , -- LastModified - datetime
                              NULL , -- LastModifiedBy - varchar(50)
                              @username , -- Username - varchar(50)
                              'user'  -- UserRole - varchar(30)
                            )";

    $query_params = array(          ':title' => $_POST['title'] ,
                                    ':firstname' => $_POST['firstname'] ,
                                    ':middlename' => $_POST['middlename'] ,
                                    ':lastname' => $_POST['lastname'] ,
                                    ':gender' => $_POST['gender'] ,
                                    ':dob' => $_POST['dob'] ,
                                    ':email' => $_POST['email'] ,
                                    ':phone' => $_POST['phone'] ,
                                    ':mobile' => $_POST['mobile'] ,
                                    ':homeaddress' => $_POST['homeaddress'] ,
                                    ':homepostcode' => $_POST['homepostcode'] ,
                                    ':homesuburb' => $_POST['homesuburb'] ,
                                    ':homestate' => $_POST['homestate'] ,
                                    ':homecountry' => $_POST['homecountry'] ,
                                    ':browserdetails' => $_POST['browserdetails'] ,
                                    ':password' => $password ,
                                    ':salt' => $salt ,
                                    ':companyid' => $_POST['companyid'] ,
                                    ':username' => $_POST['username']   );

    try
    {
        $stmt = $this->db->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        die("Failed to run query: " . $ex->getMessage());
    }

    // display json encode on the page for AJAX to read
    echo json_encode(array('error' , $result));
}

我收到的错误是:

  

无法运行查询:SQLSTATE [42000]:[Microsoft] [SQL Server Native   客户端11.0] [SQL Server]')'附近的语法不正确。

这让我很困惑的原因是我在SQL Management Studio中使用我发送的帖子数据手动重新创建了查询,一切正常。我甚至尝试过创建一个临时表,并插入那里,但我仍然没有成功。救命啊!

对于上下文,这是我尝试使用的帖子数据:

类别:1

  1. 用户名:bhills_4993@veryrealemail.com
  2. companyemail:bhills_4993@veryrealemail.com
  3. confirmEmail:bhills_4993@veryrealemail.com
  4. 密码:123
  5. confirmPassword:123
  6. function:registrationProcessCompany
  7. 类别:职场
  8. 标题:Ms
  9. 名字:Beverly
  10. 姓:Hills
  11. 公司名称:Hills Corp
  12. companysize:Hills Corp
  13. questdeptdiv:特定部门/部门
  14. companyaddress:Hills Corp
  15. companysuburb:Hills Corp
  16. companypostcode:Hills Corp
  17. companytype:信息媒体和电信
  18. SportingGroupAge []:高级
  19. statesportingbody:CA
  20. QuestAction:健康饮食,少喝酒
  21. 来源:电台

    22. 这就是桌面设计:

    USE [junglegymSQL] GO

/****** Object:  Table [dbo].[User]    Script Date: 19/12/2013 8:28:32 PM ******/ SET ANSI_NULLS ON GO

SET QUOTED_IDENTIFIER ON GO

SET ANSI_PADDING ON GO

CREATE TABLE [dbo].[User](
    [UserId] [int] IDENTITY(1,1) NOT NULL,  
    [Title] [varchar](50) NULL,     
    [FirstName] [varchar](100) NOT NULL,    
    [MiddleName] [varchar](100) NULL,   
    [LastName] [varchar](100) NOT NULL,     
    [Gender] [varchar](20) NULL,    
    [DOB] [datetime] NULL,  
    [Email] [varchar](200) NOT NULL,    
    [Phone] [varchar](50) NULL,     
    [Mobile] [varchar](50) NULL,    
    [HomeAddress] [varchar](100) NULL,  
    [HomePostCode] [varchar](10) NULL,  
    [HomeSuburb] [varchar](50) NULL,    
    [HomeState] [varchar](20) NULL,     
    [HomeCountry] [varchar](200) NULL,  
    [BrowserDetails] [varchar](500) NULL,   
    [IsActive] [bit] NULL,  
    [Password] [varchar](500) NOT NULL,     
    [Salt] [varchar](50) NOT NULL,  
    [LastLogin] [datetime] NULL,    
    [CompanyID] [int] NULL,     
    [Created] [datetime] NULL,  
    [CreatedBy] [varchar](50) NULL,     
    [LastModified] [datetime] NULL,     
    [LastModifiedBy] [varchar](50) NULL,    
    [Username] [varchar](50) NOT NULL,  
    [UserRole] [varchar](30) NULL,  
CONSTRAINT [PK_users] PRIMARY KEY CLUSTERED  (
[UserId] ASC 
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) )

GO

SET ANSI_PADDING OFF GO

ALTER TABLE [dbo].[User] ADD  DEFAULT ('User') FOR [UserRole] GO

ALTER TABLE [dbo].[User]  WITH CHECK ADD  CONSTRAINT [FK_User_Company] FOREIGN KEY([CompanyID]) REFERENCES [dbo].[Company] ([CompanyID]) GO

ALTER TABLE [dbo].[User] CHECK CONSTRAINT [FK_User_Company] GO

1 个答案:

答案 0 :(得分:0)

检查单引号make(')的值语法是否正常

相关问题
最新问题