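Q: About [42000] and passing by reference

Time: 2015-05-10 14:44:33

Tags: php sql variables pdo

There are two errors in my PHP script; the only problem is that this is the exact code from my other script. That is why I can't find the solution.

Can you help me find the solution?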

Strict Standards: Only variables should be passed by reference in /home/joshua/domains/*********/public_html/panel/settings.php on line 130

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'insert = NULL, lastname = 'Hiwat', password = '$2a$13$nAJT6kLx8N5Hd0G8zQ4yheEOad' at line 1' in /home/joshua/domains/*********/public_html/panel/settings.php:216 Stack trace: #0 /home/joshua/domains/********/public_html/panel/settings.php(216): PDOStatement->execute() #1 {main} thrown in /home/joshua/domains/tubecreators.com/public_html/panel/settings.php on line 216

This is my code...

            <?php
                                            if($_SERVER['REQUEST_METHOD'] == 'POST') {
                                                $errors = Array();

                                                if(isset($_POST['name'])) {
                                                    if(trim($_POST['name']) != '') {
                                                        if(strlen(trim($_POST['name'])) < 2) {
                                                            $errors[] = 'De voornaam is te kort (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De voornaam is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen voornaam meegestuurd.';
                                                }                                                   

                                                if(isset($_POST['password'])) {
                                                    if(trim($_POST['password']) != '' && strlen(trim($_POST['password'])) < 6) {
                                                        $errors[] = 'Het wachtwoord moet minimum 6 karakters bevatten. Kies zorgvuldig een veilig wachtwoord met (hoofd)letters, cijfers en eventueel symbolen. Indien je je wachtwoord verliest kan je contact opnemen met de ICT manager.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen wachtwoord meegestuurd.';
                                                }

                                                if(isset($_POST['passwordrepeat'])) {
                                                    if(trim($_POST['passwordrepeat']) != trim($_POST['password'])) {
                                                        $errors[] = 'De opgegeven wachtwoorden zijn niet hetzelfde.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen herhaald wachtwoord meegestuurd.';
                                                }                                                   

                                                if(isset($_POST['lastname'])) {
                                                    if(trim($_POST['lastname']) != '') {
                                                        if(strlen(trim($_POST['lastname'])) < 2) {
                                                            $errors[] = 'De achternaam is te kort (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De achternaam is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen achternaam meegestuurd.';
                                                }

                                                if(isset($_POST['birth'])) {
                                                    if(trim($_POST['birth']) != '') {
                                                        if(strlen(trim($_POST['birth'])) < 2) {
                                                            $errors[] = 'De de geboortedatum is ongeldig (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De geboortedatum is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen geboortedatum meegestuurd.';
                                                }

                                                if(isset($_POST['city'])) {
                                                    if(trim($_POST['city']) != '') {
                                                        if(strlen(trim($_POST['city'])) < 1) {
                                                            $errors[] = 'De stadsnaam is te kort (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De stadsnaam is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen stadsnaam meegestuurd.';
                                                }

                                                if(isset($_POST['mail'])) {
                                                    if(trim($_POST['mail']) != '') {
                                                        if(filter_var(trim($_POST['mail']), FILTER_VALIDATE_EMAIL)) {
                                                            $checkexist = $dbh->prepare('SELECT COUNT(id) FROM users WHERE mail = :mail AND NOT id = :id');
                                                            $checkexist->bindParam(':mail', trim($_POST['mail']), PDO::PARAM_STR);
                                                            $checkexist->bindParam(':id', $user['id'], PDO::PARAM_INT);
                                                            $checkexist->execute();
                                                            if($checkexist->fetchColumn() > 0) {
                                                                $errors[] = 'Er is al een account met dit mailadres.';
                                                            }
                                                        }else{
                                                            $errors[] = 'De e-mail is ongeldig.';
                                                        }
                                                    }else{
                                                        $errors[] = 'De e-mail is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen e-mail meegestuurd.';
                                                }

                                                if(isset($_POST['youtube'])) {
                                                    if(trim($_POST['youtube']) != '') {
                                                        if(strlen(trim($_POST['youtube'])) < 6) {
                                                            $errors[] = 'De Youtube gebruikersnaam is te kort (6).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De Youtube gebruikersnaam is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen Youtube gebruikersnaam meegestuurd.';
                                                }

                                                if(isset($_POST['about'])) {
                                                    if(trim($_POST['about']) != '') {
                                                        if(strlen(trim($_POST['about'])) < 20) {
                                                            $errors[] = 'Het stukje over jezelf is te kort (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'Het stukje over jezelf is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen stukje over jezelf meegestuurd.';
                                                }

                                                if(isset($_POST['category'])) {
                                                    if(trim($_POST['category']) != '') {
                                                        if(strlen(trim($_POST['category'])) < 1) {
                                                            $errors[] = 'De Youtube categorie is te kort (2).';
                                                        }
                                                    }else{
                                                        $errors[] = 'De Youtube categorie is leeg gelaten.';
                                                    }
                                                }else{
                                                    $errors[] = 'Er is geen Youtube categorie meegestuurd.';
                                                }

                                                if(count($errors) == 0) {
                                                    $name = trim($_POST['name']);
                                                    $password = trim($_POST['password']);
                                                    if($password != '') {
                                                        $bcrypt = new Bcrypt($config['security']['passwordsafety']);
                                                        $passwordHashed = $bcrypt->hash($password);
                                                    }
                                                    $lastname = trim($_POST['lastname']);
                                                    $birth = trim($_POST['birth']);
                                                    $city = trim($_POST['city']);
                                                    $mail = trim($_POST['mail']);
                                                    $youtube = trim($_POST['youtube']);
                                                    $about = trim($_POST['about']);
                                                    $category = trim($_POST['category']);
                                                    $update = $dbh->prepare('UPDATE users SET name = :name, insert = :insert, lastname = :lastname, ' . (($password != '') ? 'password = :password, ' : '') . 'birth = :birth, country = :country, city = :city, mail = :mail, facebook = :facebook, twitter = :twitter, google = :google, instagram = :instagram, youtube = :youtube, pinterest = :pinterest, about = :about, category = :category WHERE id = :id');
                                                    $update->bindParam(':name', $name, PDO::PARAM_STR);
                                                    $update->bindParam(':insert', $insert, PDO::PARAM_STR);
                                                    $update->bindParam(':lastname', $lastname, PDO::PARAM_STR);
                                                    if($password != '') {
                                                        $update->bindParam(':password', $passwordHashed, PDO::PARAM_STR);
                                                    }
                                                    $update->bindParam(':birth', $birth, PDO::PARAM_STR);
                                                    $update->bindParam(':country', $country, PDO::PARAM_STR);
                                                    $update->bindParam(':city', $city, PDO::PARAM_STR);
                                                    $update->bindParam(':mail', $mail, PDO::PARAM_STR);
                                                    $update->bindParam(':facebook', $facebook, PDO::PARAM_STR);
                                                    $update->bindParam(':twitter', $twitter, PDO::PARAM_STR);
                                                    $update->bindParam(':google', $google, PDO::PARAM_STR);
                                                    $update->bindParam(':instagram', $instagram, PDO::PARAM_STR);
                                                    $update->bindParam(':youtube', $youtube, PDO::PARAM_STR);
                                                    $update->bindParam(':pinterest', $pinterest, PDO::PARAM_STR);
                                                    $update->bindParam(':about', $about, PDO::PARAM_STR);
                                                    $update->bindParam(':category', $category, PDO::PARAM_STR);
                                                    $update->bindParam(':id', $user['id'], PDO::PARAM_INT);
                                                    $update->execute();
                                                    addlog('Account gewijzigd', $user['id']);
                                                    echo '<font color="gree">De gebruiker is succesvol gewijzigd.</font><meta http-equiv="refresh" content="1;url=http://panel.tubecreators.com/instellingen">';
                                                    $edited = true;
                                                }else{
                                                    echo '<font color="red">Er ging wat mis. De volgende dingen gingen fout:<ul><li>' . join('</li><li>', $errors) . '</li></ul>De gebruiker is nniet gewijzigd.</font>';
                                                }
                                            }
                                            if(!isset($edited)) {
                                            ?>

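1 answer:

Answer 0 (score: 2)

insert is a reserved MySQL keyword. You need to quote it in backticks, like `insert`. You should get into the habit of doing this for all table and column names.

"Only variables should be passed by reference" is exactly what it says. It expects a reference, so a variable must be passed to it. Once you point me to line 130 of panel/settings.php, I can update this.

My assumption is that bind_param generates the error, as it requires a reference. One line of code I see that will definitely produce such a warning: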

    $checkexist->bindParam(':mail', trim($_POST['mail']), PDO::PARAM_STR);

Here a return value is being passed rather than a variable. You can do this instead:

    $trimMail = trim($_POST['mail']);
    $checkexist->bindParam(':mail', $trimMail, PDO::PARAM_STR);
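
Both fixes from the answer combined, as an added example that is not part of the original answer or the asker's script. It goes one step further than the answer: values are bound with `bindValue()`, which takes a value rather than a reference, and the optional `password` assignment is built from an allowlist of column names, since identifiers cannot be bound as parameters. Assumptions: the pdo_sqlite extension and an in-memory SQLite table (SQLite accepts the same backtick quoting), a hypothetical `updateUser()` helper, constructed sample data, and `password_hash()` standing in for the page's `Bcrypt` class.

```php
<?php
// Added example, not the asker's code. In-memory SQLite (assumes pdo_sqlite)
// keeps it runnable offline; SQLite accepts MySQL-style backtick quoting.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, `insert` TEXT, mail TEXT, password TEXT)');
$dbh->exec("INSERT INTO users (id, name, `insert`, mail, password)
            VALUES (1, 'Old', 'van', 'old@example.test', 'constructed-old-hash')");

/**
 * Hypothetical helper: run an UPDATE built from an allowlist of columns.
 * Column names are checked against the allowlist and backtick-quoted
 * (so the reserved word `insert` is safe); values are always bound.
 */
function updateUser(PDO $dbh, int $id, array $fields): int
{
    $allowed = ['name', 'insert', 'mail', 'password'];
    $set = [];
    foreach (array_keys($fields) as $column) {
        if (!in_array($column, $allowed, true)) {
            throw new InvalidArgumentException("Unknown column: $column");
        }
        $set[] = "`$column` = :$column";
    }
    if ($set === []) {
        return 0; // nothing to update
    }
    $stmt = $dbh->prepare('UPDATE users SET ' . implode(', ', $set) . ' WHERE id = :id');
    foreach ($fields as $column => $value) {
        // bindValue() copies the value, so passing trim(...) results raises no notice
        $stmt->bindValue(":$column", $value, PDO::PARAM_STR);
    }
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Constructed form input; an empty password means "leave the stored hash alone".
$post = ['name' => ' Joshua ', 'insert' => '', 'mail' => ' new@example.test ', 'password' => ''];
$fields = ['name' => trim($post['name']), 'insert' => trim($post['insert']), 'mail' => trim($post['mail'])];
if (trim($post['password']) !== '') {
    // password_hash() stands in for the page's Bcrypt class
    $fields['password'] = password_hash(trim($post['password']), PASSWORD_BCRYPT);
}
$changed = updateUser($dbh, 1, $fields);
$row = $dbh->query('SELECT name, `insert`, mail, password FROM users WHERE id = 1')->fetch(PDO::FETCH_ASSOC);
var_dump($changed, $row);
```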