更新查询无法使用PDO

时间:2014-05-21 01:15:55

标签: php mysql pdo phpmyadmin

我尝试更新我的数据,但它不起作用

<?php
require("config.inc.php");//this piece of code us for authentication and it works fine.


  if(!empty($_POST))
  {
/**
  the values below in the POST are valid not empty values
**/
  $shell = $_POST['shell'];
  $reporter = $_POST['reporter'];

    //query
   $query = "UPDATE `shellingdb`
             SET `likes` = `likes` + 1
              WHERE `shell` = :shell AND `reporter` = :reporter";

           try {
         $query_params =  array(':shell' => $_POST['shell'], ':reporter' => $_POST['reporter']);//Updates likes
        $stmt   = $db->prepare($query);
        $result = $stmt->execute($query_params);
                    $affected = $stmt->rowCount();//counts the number of affected rows during the update query
        if($affected > 0)
        {
                        $response["success"] = 1;
            $response["message"] = "Updated! this number of rows were affected".$affected;
            echo json_encode($response);
        }else
        {
            $response["success"] = 2;
                $response["message"] = "Not Updated! huh!".$affected;
                echo json_encode($response);
        }
    }
    catch (Exception $ex) {
        $response["success"] = 0;
        $response["message"] = "Database Error!".$ex->getMessage();
        die(json_encode($response));
    }
  }
?>  

config.inc.php

<?php 

// These variables define the connection information for your MySQL database 
$username = "xmnj3jh0jhtheu_14265914"; 
$password = "jhikjskjiavethew"; 
$host = "sqlkjnlkkjlk101.x3kuhiu0lkj.us"; 
$dbname = "x3lnklj0u_1426jbkb5914_gbabbjkhjajhlert"; 

// UTF-8 is a character encoding scheme that allows you to conveniently store 
// a wide varienty of special characters, like � or �, in your database. 
// By passing the following $options array to the database connection code we 
// are telling the MySQL server that we want to communicate with it using UTF-8 
// See Wikipedia for more information on UTF-8: 
// http://en.wikipedia.org/wiki/UTF-8 
$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'); 

// A try/catch statement is a common method of error handling in object oriented code. 
// First, PHP executes the code within the try block.  If at any time it encounters an 
// error while executing that code, it stops immediately and jumps down to the 
// catch block.  For more detailed information on exceptions and try/catch blocks: 
// http://us2.php.net/manual/en/language.exceptions.php 
try 
{ 
    // This statement opens a connection to your database using the PDO library 
    // PDO is designed to provide a flexible interface between PHP and many 
    // different types of database servers.  For more information on PDO: 
    // http://us2.php.net/manual/en/class.pdo.php 
    $db = new PDO("mysql:host={$host};dbname={$dbname};charset=utf8", $username, $password, $options); 
} 
catch(PDOException $ex) 
{ 
    // If an error occurs while opening a connection to your database, it will 
    // be trapped here.  The script will output an error and stop executing. 
    // Note: On a production website, you should not output $ex->getMessage(). 
    // It may provide an attacker with helpful information about your code 
    // (like your database username and password). 
    die("Failed to connect to the database: " . $ex->getMessage()); 
} 

// This statement configures PDO to throw an exception when it encounters 
// an error.  This allows us to use try/catch blocks to trap database errors. 
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 

// This statement configures PDO to return database rows from your database using an associative 
// array.  This means the array will have string indexes, where the string value 
// represents the name of the column in your database. 
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); 

// This block of code is used to undo magic quotes.  Magic quotes are a terrible 
// feature that was removed from PHP as of PHP 5.4.  However, older installations 
// of PHP may still have magic quotes enabled and this code is necessary to 
// prevent them from causing problems.  For more information on magic quotes: 
// http://php.net/manual/en/security.magicquotes.php 
if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) 
{ 
    function undo_magic_quotes_gpc(&$array) 
    { 
        foreach($array as &$value) 
        { 
            if(is_array($value)) 
            { 
                undo_magic_quotes_gpc($value); 
            } 
            else 
            { 
                $value = stripslashes($value); 
            } 
        } 
    } 

    undo_magic_quotes_gpc($_POST); 
    undo_magic_quotes_gpc($_GET); 
    undo_magic_quotes_gpc($_COOKIE); 
} 

// This tells the web browser that your content is encoded using UTF-8 
// and that it should submit content back to you using UTF-8 
header('Content-Type: text/html; charset=utf-8'); 

// This initializes a session.  Sessions are used to store information about 
// a visitor from one web page visit to the next.  Unlike a cookie, the information is 
// stored on the server-side and cannot be modified by the visitor.  However, 
// note that in most cases sessions do still use cookies and require the visitor 
// to have cookies enabled.  For more information about sessions: 
// http://us.php.net/manual/en/book.session.php 
session_start(); 

// Note that it is a good practice to NOT end your PHP files with a closing PHP tag. 
// This prevents trailing newlines on the file from being included in your output, 
// which can cause problems with redirecting users.

?>

不知道什么是错的,它没有给出进入else语句的错误,这意味着值没有更新。我在sqlfiddle中尝试了相同的代码,但它不起作用,但不适用于我的PhpMyAdmin。

我知道更新的值应该传递到$ query_params但是每次运行时都会增加like的值,并且我不知道如何在$ query_params中执行此操作,除非我使用单独的查询来获取喜欢的数量,然后增加它,但这可能是昂贵的。

在没有PDO的情况下进行查询仍然无法使这次更新失败

<?php

$username = "x3jbhiukhkj0u426jbhjnbvh591mbhb4"; 
$password = "savjiuejbiuhilkmthljiew"; 
$host = "sqlnjhbjhnkjjjhbj"; 
$dbname = "x3hjbh0ukjioiuhgbjhvhgvh";

 $shell = "Rustig";
 $reporter = "davies";

  //query
  $query = "UPDATE `shellingdb`
            SET `favs` = 1
            WHERE `shell` = 'Rustig'";


$link = mysql_connect($host, $username, $password);
if (!$link) 
{
     die('Could not connect: ' . mysql_error());
}else
{
     echo 'Connected successfully';
     $db_selected = mysql_select_db($dbname, $link);

         if (!$db_selected) 
         {
               die ('Can\'t use foo : ' . mysql_error());
         }else
         {
              echo 'Connected to database successfully';

              if(empty($_POST))
              {
                $retval = mysql_query( $query, $link )or die(mysql_error($link));;
                if(! $retval )
                {
                     die('Could not query database: ' . mysql_error());
                }else
                {
                      if(mysql_affected_rows() > 0)
                      {
                           echo "Updated data successfully\n";
                      }else
                      {
                           //echo "shell=".$shell." reporter=".$reporter';
                           echo "Updated data Unsuccessfully\n";
                      }
                }
             }
         }
}
mysql_close($link);
?>  

以下是PDOStatement :: debugDumpParams()的输出;对于第一个PHP语法

  

SQL:[124]更新shellingdb设置likes = likes + 1 WHERE shell =:shell AND reporter&gt; =:报警参数: 2键:名称:[6]:shell paramno = -1 name = [6]“:shell”is_param = 1 param_type = 2 Key:Name:[9]:reporter paramno = -1 name = [9]“:reporter “is_param = 1 param_type = 2

2 个答案:

答案 0 :(得分:0)

我使用了bindParam。 bindParam是PDOStatement的一种方法。

尝试:

<?php
require("config.inc.php");//this piece of code us for authentication and it works fine.


if(isset($_POST))
{
    /**
     the values below in the POST are valid not empty values
     **/
    $shell = $_POST['shell'];
    $reporter = $_POST['reporter'];

    //query
    $query = "UPDATE `shellingdb`
    SET `likes` = `likes` + 1
    WHERE `shell` = :shell AND `reporter` = :reporter";

    try {
        $stmt = $db->prepare($query);
        $stmt->bindParam(":shell", $shell);
        $stmt->bindParam(":reporter", $reporter);
        $stmt->execute();

        $affected = $stmt->rowCount();//counts the number of affected rows during the update query
        if($affected > 0)
        {
            $response["success"] = 1;
            $response["message"] = "Updated! this number of rows were affected".$affected;
            echo json_encode($response);
        }else
        {
            $response["success"] = 2;
            $response["message"] = "Not Updated! huh!".$affected;
            echo json_encode($response);
        }
    }
    catch (Exception $ex) {
        $response["success"] = 0;
        $response["message"] = "Database Error!".$ex->getMessage();
        die(json_encode($response));
    }
}
?>

答案 1 :(得分:0)

经过长时间的尝试和错误(Brut Forcing)之后,这个终于有效了吗

$query = "UPDATE `shellingdb` SET `likes`=`likes`+1 WHERE `shell` = :shell AND `reporter`     = :reporter";

感谢所有试图提供帮助的人。 :)