我的INSERT声明不起作用。受影响的行数受0影响。这是我的代码:
<?php
require_once('class.config.php');
class userActions{
public $link;
function __construct(){
$db_connection = new dbConnection();
$this->link = $db_connection->connect();
return $this->link;
}
function registerUsers($username, $password, $ip_address){
$query = $this->link->prepare("INSERT INTO users (user_name,password,ip_address) VALUES (?,?,?)");
$values = array($username, $password, $ip_address);
$query->execute($values);
$counts = $query->rowCount();
return $counts;
}
}
$users = new userActions();
echo $users->registerUsers('bob', 'dave123','127.0.0.1');
?>
我做错了什么?
编辑:这是我的class.config.php:
class dbConnection{
protected $db_conn;
public $db_host = "localhost:8080";
public $db_user = "root";
public $db_pass = "";
public $db_name = "facebook";
function connect(){
try{
$this->db_conn = new PDO("mysql:host = $this->db_host; dbname = $this->db_name",
$this->db_user, $this->db_pass);
$this->db_conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $this->db_conn;
}
catch(PDOException $e){
return "MySQL error : " . $e->getMessage();
}
}
}
答案 0 :(得分:2)
将registerUsers功能代码更改为
如果您使用mysqli,请使用以下
function registerUsers($username, $password, $ip_address){
$query = $this->link->prepare("INSERT INTO users (user_name,password,ip_address) VALUES (?,?,?)");
$query->bind_param("sss", $username, $password, $ip_address);
$query->execute();
}
修改
我看到你正在使用PDO。
尝试像下面的任何人一样使用
function registerUsers($username, $password, $ip_address){
$query = $this->link->prepare("INSERT INTO users (user_name,password,ip_address) VALUES (:username,:password,:ip_address)");
$query->bindParam(':username', $username);
$query->bindParam(':password', $password);
$query->bindParam(':ip_address', $ip_address);
$query->execute();
}
OR
function registerUsers($username, $password, $ip_address){
$query = $this->link->prepare("INSERT INTO users (user_name,password,ip_address) VALUES (:username,:password,:ip_address)");
$query->execute(array('username' => $username, 'password' => $password, 'ip_address' => $ip_address));
}
我更愿意使用bindParam,因为它是安全的,它取代了my_real_escape_string。
答案 1 :(得分:0)
以下内容可以帮助您了解如何通过oop编程插入数据库
数据库类:
public static $con;
public static function connect($hostname , $username , $password , $database)
{
self::$con = mysqli_connect($hostname , $username , $password , $database) or die('Error: '.mysqli_connect_error());
}
public static function disconnect()
{
mysqli_close(self::$con);
}
public static function insert($sql , $values)
{
$values = self::safeValues($values);
$sql = self::$con->prepare($sql);
mysqli_set_charset(self::$con , 'UTF8');
self::bindValues($sql , $values);
$save = $sql->execute();
return $save;
}
public function safeValues($values = null)
{
if($values != null)
{
for($i = 0 ; $i < count($values) ; $i++)
{
$values[$i] = trim($values[$i]);
$values[$i] = strip_tags($values[$i]);
mysqli_real_escape_string(self::$con , $values[$i]);
}
}
return $values;
}
public function bindValues($sql, $values = null)
{
if ($values != null)
{
// Generate the Type String (eg: 'issisd')
$types = '';
foreach($values as $value)
{
if(is_int($value))
$types .= 'i';
elseif (is_float($value))
$types .= 'd';
elseif (is_string($value))
$types .= 's';
else
$types .= 'b';
}
// Add the Type String as the first Parameter
$bind_names[] = $types;
// Loop thru the given Parameters
for ($i = 0 ; $i < count($values) ; $i++)
{
// Create a variable Name
$bind_name = 'bind'.$i;
// Add the Parameter to the variable Variable
$$bind_name = $values[$i];
// Associate the Variable as an Element in the Array
$bind_names[] = &$$bind_name;
}
// Call the Function bind_param with dynamic Parameters
call_user_func_array(array($sql,'bind_param') , $bind_names);
}
return $sql;
}
在您的家庭课程中,您可以像这样插入:
家庭班级:
DB::connect('localhost' , 'username' , 'password' , 'database');
DB::insert("INSERT INTO table(field1, field2) VALUES (? , ?)" , [ $val1 , $val2 ] );
我希望这对你有所帮助。
答案 2 :(得分:-1)
所以我通过在class.config.php中删除localhost:8080 127.0.0.1来解决我的代码。