我正在尝试通过一个函数添加一些内容,但它不起作用..我已经多次调试..但找不到任何错误..如果有人解决这个问题会很有帮助..
这是我的功能:
public function AddCategory($cat_name,$uploader_id)
{
try {
$con = DB();
$sql = $con->prepare("INSERT INTO category(cat_name,uploader_id,uploaded_on) VALUES (:cat_name,:uploader_id,NOW())");
$sql->bindParam("cat_name", $cat_name, PDO::PARAM_STR);
$sql->bindParam("uploader_id", $uploader_id, PDO::PARAM_STR);
$sql->execute();
return $con->lastInsertId();
} catch (PDOException $e) {
exit($e->getMessage());
}
}
这就是我正在使用它的地方
<?php
$add_cat_error_message = '';
$obj_add_cat = new Add();
if (!empty($_POST['add_cat'])) {
if ($_POST['cat_name'] == "") {
$add_cat_error_message = 'Category name is required!';
} else if ($obj_add_cat->ChkCat($_POST['cat_name'])) {
$add_cat_error_message = 'category is already in use!';
} else {
$cat = $obj_add_cat->AddCategory($_POST['cat_name'],$_SESSION['user_id']);
echo "added";
}
}
?&GT;
答案 0 :(得分:1)
在你的情况下,有太多的未知数。首先,您必须启用正确的错误报告级别 - 仅用于开发 - 让错误显示在屏幕上。其次,有一些重要的错误/失败情况,你没有用你的异常处理代码覆盖。
另外,我会使用bindValue()而不是bindParam()。在bindValue()的情况下,您可以在执行预准备语句之前验证绑定输入参数的结果。
我写了一段代码,希望对你有所帮助。
祝你好运!<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
/*
* =====================================================
* Create a PDO instance as db connection - to mysql db.
* =====================================================
*/
try {
// Create PDO instance.
$connection = new PDO(
'mysql:host=localhost;port=3306;dbname=yourDb;charset=utf8'
, 'yourDbUsername'
, 'yourDbPassword'
);
// Assign driver options.
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$connection->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE);
$connection->setAttribute(PDO::ATTR_PERSISTENT, TRUE);
} catch (Exception $exc) {
echo '<pre>' . print_r($exc, TRUE) . '</pre>';
exit();
}
/*
* =====================================================================
* Create class instance (with connection as argument) and run the code.
* =====================================================================
*/
$add_obj = new Add($connection);
if (isset($_POST['add_cat']) && !empty($_POST['add_cat'])) {
if (isset($_POST['cat_name']) && !empty($_POST['cat_name'])) {
$caid = $add_obj->AddCategory($_POST['cat_name']);
echo 'Added with id: ' . $caid;
} else {
echo 'Please provide the category name!';
}
} else {
echo 'Please provide the add_cat!';
}
class Add {
private $connection;
/**
*
* @param PDO $connection Db connection.
*/
public function __construct(PDO $connection) {
$this->connection = $connection;
}
/**
* Add category.
*
* @param string $categoryName Category name.
* @throws UnexpectedValueException
*/
public function AddCategory($categoryName) {
try {
/*
* Prepare and validate the sql statement.
*
* --------------------------------------------------------------------------------
* If the database server cannot successfully prepare the statement, PDO::prepare()
* returns FALSE or emits PDOException (depending on error handling settings).
* --------------------------------------------------------------------------------
*/
$sql = 'INSERT INTO category (
cat_name
) VALUES (
:cat_name
)';
$statement = $this->connection->prepare($sql);
if (!$statement) {
throw new UnexpectedValueException('The sql statement could not be prepared!');
}
/*
* Bind the input parameters to the prepared statement.
*
* -----------------------------------------------------------------------------------
* Unlike PDOStatement::bindValue(), when using PDOStatement::bindParam() the variable
* is bound as a reference and will only be evaluated at the time that
* PDOStatement::execute() is called.
* -----------------------------------------------------------------------------------
*/
// $bound = $statement->bindParam(':cat_name', $categoryName, PDO::PARAM_STR);
$bound = $statement->bindValue(':cat_name', $categoryName, PDO::PARAM_STR);
if (!$bound) {
throw new UnexpectedValueException('An input parameter could not be bound!');
}
/*
* Execute the prepared statement.
*
* ------------------------------------------------------------------
* PDOStatement::execute returns TRUE on success or FALSE on failure.
* ------------------------------------------------------------------
*/
$executed = $statement->execute();
if (!$executed) {
throw new UnexpectedValueException('The prepared statement could not be executed!');
}
/*
* Get last insert id.
*/
$lastInsertId = $this->connection->lastInsertId();
if (!isset($lastInsertId)) {
throw new UnexpectedValueException('The prepared statement could not be executed!');
}
} catch (Exception $exc) {
echo '<pre>' . print_r($exc, TRUE) . '</pre>';
exit();
}
}
}
编辑1 :刚刚反转了&#34; index.php&#34;中的HTTP POST验证。
答案 1 :(得分:0)
public function AddCategory($cat_name)
{
try {
//$con = DB(); Sometimes size matters!
$con = new DB();
if( !$con ){ echo "No Database Connection!"; die();}
$sql = $con->prepare("INSERT INTO category(cat_name)values(:cat_name)");
$sql->bindParam(":cat_name", $cat_name, PDO::PARAM_STR);
$sql->execute();
} catch (Exception $e) {
exit($e->getMessage());
}
}