我正在处理一个PHP代码,它处理三个变量的查找,$ email,$ password和$ address。用户将输入他们当前要在系统中更新的电子邮件,密码和新地址。
[这是html表格] [1]
查询正在执行if语句的这一部分:
enter code here $ body。=“无效的电子邮件:$ inputemail”;
虽然我输入了正确的信息但它是如何说无效的电子邮件?我是编码的新手,所以我无法弄清问题是什么。此外,我使用var_dump($db->errorInfo());进行了调试,并返回了数组(size = 3)
0 => string '' (length=0)
1 => null
2 => null
<?php
include_once('support.php');
include_once('connect_database.php');
//connect_database.php contains your connection/creation of a PDO to connect to your MYSQL db on bmgt406.rhsmith.umd.edu/phpmyadmin
ini_set("display_errors","1");
error_reporting(E_ALL);
// Initialize $title and $body.
$title = "Simple Update Request";
$body = "<fieldset><legend>" .$title . "</legend>";
// Initialize variables with values for the name of the table ($name_of_table)
// and the 3 fields - email, password, and address using method GET.
$name_of_table = "requests";
$inputemail = $_GET['email'];
$inputpassword = $_GET['password'];
$address = $_GET['address'];
var_dump($db->errorInfo());
// Check if the table exists in the db
if (tableExists($db, $name_of_table))
{
// Prepare a SQL select query and bind the 3 variables to email, password, and address fields in your database.
$sqlQuery = "SELECT * FROM $name_of_table WHERE email = :email";
$statement1 = $db->prepare($sqlQuery);
$statement1->bindValue(':email', $inputemail, PDO::PARAM_STR);
// Execute the SQL query and store in $result
$result = $statement1->execute();
if (!$result) {
// Retrieving records failed.
$body .= "Retrieving records from table " . $name_of_table . " failed. <br/>";
} else {
// Retrieving records successful.
// Retrieve result into $singleRow using fetch();
$singleRow = $statement1->fetch();
if (!$singleRow){
// Invalid email address has been entered.
$body .= "Invalid email: $inputemail";
} else {
if ($singleRow['password'] != $inputpassword) {
// If the password is not the same as $inputpassword, then an "Invalid Password" has been entered.
$body .= "Invalid password.";
// Get current value from table before UPDATING the user's new address.
} else {
$address = $singleRow['address'];
// Close previous SQl query connection before starting a new query.
$statement1->closeCursor();
// Prepare a SQL Query to update the user information and execute the query.
$sqlQuery = "UPDATE " . $name_of_table . " SET email= :email, password= :password WHERE address= :address";
$statement1 = $db->prepare($sqlQuery);
$statement1->bindValue(':address', $address, PDO::PARAM_STR);
$statement1->bindValue(':email', $inputemail, PDO::PARAM_STR);
$statement1->bindValue(':password', $inputpassword, PDO::PARAM_STR);
// Execute the SQL query and store in $result
$result = $statement1->execute();
// If everything is correct, display the UPDATED user information found (firstname, lastname, address, email, plan)
}
}
$statement1->closeCursor();
}
}
$body .= "<a href=\"index.html\"><input type=\"submit\" value = \"Main Menu\"/></a>";
$body .= "</fieldset>";
echo generatePage($title,$body);
?>
答案 0 :(得分:1)
您准备好的select语句仅引用:email,但您尝试绑定所有3个值:email,:address和:password。
你是否在第一个或第二个 - &gt; execute()语句上失败了?我的想法是你在第一个execute()语句中失败了。
答案 1 :(得分:0)
您不需要绑定&#34;地址&#34;或&#34;密码&#34;在您的SELECT查询中。您获得无效参数异常的原因是您没有将这些参数绑定到查询中的任何内容(可能是因为您不需要)。以下内容应解决您的问题:
$sqlQuery = "SELECT * FROM $name_of_table WHERE email = :email";
$statement1 = $db->prepare($sqlQuery);
$statement1->bindValue(':email', $inputemail, PDO::PARAM_STR);
// Execute the SQL query and store in $result
$result = $statement1->execute();
根据您对#34的评论,查询失败并正在从if语句执行此代码&#34;尝试通过添加var_dump($db->errorInfo());来调试代码,以便更准确地了解失败的原因。