使用PDO时获取数据出错?

时间:2014-08-23 12:45:16

标签: php mysql pdo

当用户使用PDO登录时,为了从数据库中获取用户ID,我的$ stmt没有执行,我是neitjer获取用户ID。你能在这段代码中找到错误吗?

function signin_user($email, $password) {
    //prepare email address and password hash for safe query
    $email   = $email;
    $pwdhash = hash("SHA1", $password);

    //connect to MySQL
    try {
        $dsn = 'mysql:host=localhost; dbname=company';

        $dbh = new PDO($dsn, 'root', '');
        echo "connected to database";

        $userid = 0;
        $stmt   = $dbh->prepare("SELECT id FROM company_description(email,password) WHERE VALUES (:email,:password)");
        $stmt->bindvalue(':email', $email);
        $stmt->bindvalue(':password', $pwdhash);
        $stmt->execute()
        foreach ($stmt as $id) {
                $userid=$id['id'];
        }
        echo $userid;

        // close the database connection
        $dbh = null;
        return $userid;
    }
     catch (PDOException $e) {
        //try/catch are like if/else in PDO
        //PDOexception/$e/getMessage() arefunction in PDO's API and they don't die unlike mysql_connect fashion
        echo $e->getMessage();
    }

}

__ UPDATE __ 感谢大家花时间解决我的问题。它已经解决了,正确/工作代码看起来像

//connect to MySQL
        $dsn = 'mysql:host=localhost; dbname=company';

        $dbh = new PDO($dsn, 'root', '');

        //PDO error throwing expression, so PDO doesn't die without telling reason
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        //escaping strings and selecting data from database
        $sth = $dbh->prepare('SELECT id FROM company_descriptioin WHERE email=? AND password = ?');
        $sth->execute(array($email, $pwdhash));

        $userid = 0;
        //fetching the data in a assosiative array
        $result = $sth->fetch(PDO::FETCH_ASSOC);
        $userid = $result['id'];

        // close database and return null
        $dbh = null;
        return $userid;

4 个答案:

答案 0 :(得分:0)

我认为你正试图插入表格

为此您需要更改查询 

    $stmt   = $dbh->prepare("Insert into company_description(email,password) VALUES 
(':email',':password')");

如果我错了,你真的想要获取数据,那么你应该这样做

$stmt   = $dbh->prepare("SELECT id,email,password FROM company_description");
        $stmt->query();

注意: -

execute()用于插入或更新值,而query()用于获取数据

答案 1 :(得分:0)

似乎你可以写如下:AS Php.net 

$stmt = $dbh->prepare('SELECT id
    FROM company_description
    WHERE email = :email AND password = :password');
$stmt->execute(array(':email' => $email, ':password' => $pwdhash));

答案 2 :(得分:0)

认为您的SQL语法存在问题:

$stmt   = $dbh->prepare("SELECT id FROM company_description(email,password) WHERE VALUES (:email,:password)");

致:

$stmt   = $dbh->prepare("SELECT id FROM company_description WHERE (email=:email AND password=:password");

答案 3 :(得分:0)

您的SQL查询语法无效,您从未在execute()

之后提取数据

试试这个:

function signin_user($email, $password) {
    //connect to MySQL
    try {
        $dsn = 'mysql:host=localhost; dbname=company';

        $dbh = new PDO($dsn, 'root', '');
        echo "connected to database";

        $query = "
                  SELECT id 
                  FROM company_description 
                  WHERE email = :email AND password = :password
                 ";

        $stmt   = $dbh->prepare($query);
        $stmt->bindvalue(':email', $email);
        $stmt->bindvalue(':password', hash("SHA1", $password));
        $stmt->execute()

        if($row = $stmt->fetch()){
            return $row['id'];
        }else{
            return false;
        }

    }
     catch (PDOException $e) {
        echo $e->getMessage();
        return false;
    }

}

用法:

$user_id = singin_user("some@email.com", "somepass");
if($user_id != false){
   echo 'user_id = '.$user_id;
}
相关问题
最新问题