您好我是pdo的初学者并尝试从列代码中获取变量,然后检查变量是否与inputelement code具有相同的值。
这是错误消息:
致命错误:在第23行的C:\ xampp \ htdocs \ social \ activation1.php中调用字符串上的成员函数fetchColumn()
<?php require_once './auth.php'; ?>
<?php
if(isset($_POST["submit"])){
$hostname='localhost';
$user='root';
$password='';
if (isset($_POST['code'])) {
$code=$_POST['code'];
}
$username = ($_SESSION['user']['username']);
try {
$dbh = new PDO("mysql:host=$hostname;dbname=loginsystem",$user,$password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = " SELECT code FROM user2 WHERE username = '$username'";
$result = $sql->fetchColumn();
}
catch(PDOException $e)
{
echo $e->getMessage();
}
if ($result == $_POST['code']) {
$message['success'] = 'Neuer Benutzer (' . htmlspecialchars($_POST['username']) . ') wurde angelegt, <a href="login.php">weiter zur Anmeldung</a>.';
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/social/main.php');
} else {
print('<pre> Please try it again. :: ');
print('</pre>');
}
}
?>
答案 0 :(得分:1)
我认为您伪造查询语句$dbh->query()。用户名也写在quotes
$sql = "SELECT code FROM user2 WHERE username = '".$username."' ";
if ($res = $dbh->query($sql)) {// need to add this line in your code
// then after fetchColumn
$result = $res->fetchColumn();
}