尝试使用预准备语句时未捕获异常'PDOException'

时间:2016-05-04 13:04:16

标签: php mysql apache pdo

我是PDO的新手,我正在努力了解如何制作准备好的陈述,但我不知道我在做错了什么是我的留言

  

致命错误:未捕获异常'PDOException',消息'SQLSTATE [HY093]:参数号无效:参数未定义'在C:\ xampp \ htdocs \ Final \ include \ addbloguser.php:66堆栈跟踪:#0 C:\ xampp \ htdocs \ Final \ include \ addbloguser.php(66):PDOStatement-> execute()#1 C:\ xampp \ htdocs \ Final \ blogcp.php(49):require('C:\ xampp \ htdocs ...')在第66行的C:\ xampp \ htdocs \ Final \ include \ addbloguser.php中抛出#2 {main}

这是代码。我很确定我犯了很多错误,如果你有时间可以向我解释我做错了什么以及如何解决它? 

<?php


try {


require SITE_ROOT .  '\include\db_connect.php';

}
catch(PDOException $e)
{ 
echo $e->getMessage();
}


$name = $_POST['fname']; 
$lname = $_POST['lname'];
$username = $_POST['username']; 
$state = "basic"; 
$email = $_POST['email'];   
$password = $_POST['pass']; 
$password1 = $_POST['rpass'];



//verifications

//password 

if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password1)){
    $error = "Complete all fields";
}
if ($password != $password1){
    $error = "Passwords don't match";
}

if (strlen($password) <= 6){
    $error = "Choose a password longer than 6 character";
}


if(!isset($error)){
//no error
$sthandler = $conn->prepare("SELECT username FROM blogusers WHERE username = :username");
$sthandler->bindParam(':username', $username);
$sthandler->execute();

if($sthandler->rowCount() > 0){
    echo "exists! cannot insert";
} else {
    //Securly insert into database
    $sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password) VALUES (:name,:lnane:,:username,:state,:email,:password)';    
    $stmt = $conn->prepare($sql);
    $stmt->bindParam(':name',$name);
    $stmt->bindParam(':lname',$lname);
    $stmt->bindParam(':username',$username);
    $stmt->bindParam(':state',$state);
    $stmt->bindParam(':email',$email);
    $stmt->bindParam(':password',$password);
   $name = $_POST['fname']; 
$lname = $_POST['lname'];
$username = $_POST['username']; 
$state = "basic"; 
$email = $_POST['email'];   
$password = $_POST['pass']; 
    $stmt->execute();
    }
}else{
    echo "error occured: ".$error;
    exit();
}

?>

1 个答案:

答案 0 :(得分:1)

您的插入内容正在使用:lnane:,并且您正在绑定:lname

$sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password) 
   VALUES (:name,:lnane:,:username,:state,:email,:password)';

更正的行看起来像这样:

    $sql = 'INSERT INTO blogusers (name , lname ,username, state , email, password) 
   VALUES (:name,:lname,:username,:state,:email,:password)';
相关问题
最新问题