我的程序无法正常工作,我不确定哪一点出了错
此外,我发现调试这些程序非常繁琐。检查我的SQL查询语法是否正确的最佳方法是什么?
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<style>
table,th,td{
border: 1px solid black;
}
</style>
<title>My second PHP page</title>
</head>
<body>
<?php
include 'config.php';
?>
<?php
$pdo = new PDO("mysql:dbname=${config['dbname']};host=${config['host']};charset=utf8",
$config['name'], $config['pass']);
$my_id= $_GET['val'];
$sql = ' SELECT name, venue, schedule FROM events'
.' WHERE event_id IN'
.' (SELECT event_id FROM performs'
.' WHERE artist_id = :variable) '
.' ORDER BY schedule DESC,
event_id ASC';
$stmt->execute([':variable' => $my_id ]);
$result = $pdo->query($sql);
echo "<table>";
echo "<tr><th>Event name</th><th>Venue</th><th>Schedule</th></tr>";
foreach ($result as $row) {
echo "<tr>";
$name = htmlspecialchars($row['name']);
$venue = htmlspecialchars($row['venue']);
$schedule = htmlspecialchars($row['schedule'];
echo "<td>".$name."</td>";
echo"<td>".$venue."</td>";
echo"<td>".$schedule."</td>";
echo "</tr>";
}
echo "</table>";
?>
</body>
答案 0 :(得分:0)
您的代码中没有任何语法错误,但是您使用的是PDO错误的是,当我在本地计算机中复制代码时,出现以下错误:
Notice: Undefined variable: stmt in your_file.php on line 12
Fatal error: Call to a member function execute() on null in your_file.php on line 12
您不能使用PDO::query()
绑定变量,而必须使用PDO::prepare()
。
PDO::prepare( string $statement [, array $driver_options = array() ] )准备要由 PDOStatement :: execute()方法。 SQL语句可以包含零或 为其指定的更多命名(:name)或问号(?)参数标记 执行该语句时,实际值将被替换。您 不能同时使用命名和问号参数标记 相同的SQL语句;选择一种或另一种参数样式。使用这些 绑定任何用户输入的参数,不包括用户输入 直接在查询中。
PDO::prepare example
来自php文档:
示例#1使用命名参数准备一条SQL语句
/* Execute a prepared statement by passing an array of values */
$sql = 'SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour';
$sth = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute(array(':calories' => 150, ':colour' => 'red'));
$red = $sth->fetchAll();
$sth->execute(array(':calories' => 175, ':colour' => 'yellow'));
$yellow = $sth->fetchAll();
?>
示例#2准备带有问号参数的SQL语句
<?php
/* Execute a prepared statement by passing an array of values */
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < ? AND colour = ?');
$sth->execute(array(150, 'red'));
$red = $sth->fetchAll();
$sth->execute(array(175, 'yellow'));
$yellow = $sth->fetchAll();
?>
现在,在下面,我展示了如何为您的代码使用PDO :: prepare,我只会显示您必须更改代码的位置:
<?php
$pdo = new
PDO("mysql:dbname=${config['dbname']};host=${config['host']};charset=utf8",
$config['name'], $config['pass']);
$my_id= $_GET['val'];
$stmt = $pdo->prepare('SELECT name, venue, schedule FROM events
WHERE event_id IN
(SELECT event_id FROM performs WHERE artist_id = :variable)
ORDER BY schedule DESC, event_id ASC');
$stmt->execute([':variable' => $my_id ]);
foreach ($stmt as $row) {
//fetch and use you result set as you want here
}