致命错误:带有消息的未捕获异常'PDOException' 'SQLSTATE [42000]:语法错误或访问冲突:1064您有 SQL语法错误;查看与您的手册相对应的手册 MariaDB服务器版本,在''1235'='1235'附近使用正确的语法 WHERE username ='wafflezzz''在第1行'中 / home / wafflez3 / public_html / Project SA Theme / ipn / set.php:14 Stack trace:#0 / home / wafflez3 / public_html / Project SA Theme / ipn / set.php(14): 抛出PDOStatement-> execute()#1 {main} 第14行/ home / wafflez3 / public_html / Project SA Theme / ipn / set.php
当我使用此代码将空值更改为值时,我收到了该错误。
<?php session_start(); require "../pdo_connect.php"; $usrname = $_SESSION["username"]; ?>
<title>Loading...</title>
<?php
$checker = $conn->prepare("SELECT * FROM transactions WHERE payer_user=:username AND success='1'");
$checker->bindParam(":username", $usrname);
$checker->execute();
while ($row = $checker->fetch(PDO::FETCH_BOTH)) {
$paidscript = $row["item_name"];
$sql = $conn->prepare("UPDATE us SET :script=:script WHERE username=:userr");
$sql->bindParam(":userr", $usrname);
$sql->bindParam(":script", $paidscript);
$sql->execute();
echo "You can now view the script!";
}
答案 0 :(得分:1)
$sql = $conn->prepare("UPDATE us SET :script=:script WHERE username=:userr");
应该是
$sql = $conn->prepare("UPDATE us SET script=:script WHERE username=:userr");
您根本不打算将字段名称绑定到参数。如果你这样做,它会给你一个这样的错误。
要拥有动态字段名称,您必须执行以下操作:
$paidscript = $row["item_name"];
$sql = $conn->prepare("UPDATE us SET {$paidscript}=:script WHERE username=:userr");
虽然如果它来自用户输入的值,您不应该动态输入字段。
答案 1 :(得分:0)
此
$sql = $conn->prepare("UPDATE us SET {$paidscript}=:script WHERE username=:userr");
而不是:
$sql = $conn->prepare("UPDATE us SET :script=:script WHERE username=:userr");