无法使用我的SQL查询调试语法错误

时间:2018-10-22 10:21:42

标签: php sql

我的程序无法正常工作,我不确定哪一点出了错

  • 基本上,我从第一个PHP页面中获得了artist_id通过get。
  • 我还有另外2个表。 1表包含我想要的信息。但是,我需要将我的初始值与外部表进行比较,以便从需要从中获取信息的主表中建立关系。
  • SQL查询背后的逻辑是正确的。但是,我不确定我是否犯了语法错误,无法弄清。

此外,我发现调试这些程序非常繁琐。检查我的SQL查询语法是否正确的最佳方法是什么?

<!doctype html>
<html>
  <head>
    <meta charset="utf-8">
<style>
table,th,td{
border: 1px solid black;
}
</style>
    <title>My second PHP page</title>
  </head>
  <body>
    <?php
      include 'config.php';
    ?>
    <?php
     $pdo = new PDO("mysql:dbname=${config['dbname']};host=${config['host']};charset=utf8",
                     $config['name'], $config['pass']);
    $my_id= $_GET['val'];
    $sql = ' SELECT name, venue, schedule FROM events'
           .' WHERE event_id IN'
           .' (SELECT event_id FROM performs'
           .' WHERE artist_id = :variable) '
            .' ORDER BY schedule DESC,
                       event_id ASC';

       $stmt->execute([':variable' => $my_id ]);

  $result = $pdo->query($sql);

       echo "<table>";
      echo "<tr><th>Event name</th><th>Venue</th><th>Schedule</th></tr>";
      foreach ($result as $row) {
         echo "<tr>";
         $name = htmlspecialchars($row['name']);
         $venue = htmlspecialchars($row['venue']);
         $schedule = htmlspecialchars($row['schedule'];
         echo "<td>".$name."</td>";
         echo"<td>".$venue."</td>";
         echo"<td>".$schedule."</td>";
         echo "</tr>";

      }

        echo "</table>";


    ?>

</body>

1 个答案:

答案 0 :(得分:0)

您的代码中没有任何语法错误,但是您使用的是PDO错误的是,当我在本地计算机中复制代码时,出现以下错误:

  Notice: Undefined variable: stmt in your_file.php on line 12

  Fatal error: Call to a member function execute() on null in your_file.php on line 12

您不能使用PDO::query()绑定变量,而必须使用PDO::prepare()

  

PDO::prepare( string $statement [, array $driver_options = array() ] )准备要由   PDOStatement :: execute()方法。 SQL语句可以包含零或   为其指定的更多命名(:name)或问号(?)参数标记   执行该语句时,实际值将被替换。您   不能同时使用命名和问号参数标记   相同的SQL语句;选择一种或另一种参数样式。使用这些   绑定任何用户输入的参数,不包括用户输入   直接在查询中。

PDO::prepare example来自php文档:

示例#1使用命名参数准备一条SQL语句     

   /* Execute a prepared statement by passing an array of values */
   $sql = 'SELECT name, colour, calories
           FROM fruit
           WHERE calories < :calories AND colour = :colour';
   $sth = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
   $sth->execute(array(':calories' => 150, ':colour' => 'red'));
   $red = $sth->fetchAll();
   $sth->execute(array(':calories' => 175, ':colour' => 'yellow'));
   $yellow = $sth->fetchAll();  
?>   

示例#2准备带有问号参数的SQL语句

<?php  

   /* Execute a prepared statement by passing an array of values */
   $sth = $dbh->prepare('SELECT name, colour, calories
                         FROM fruit
                         WHERE calories < ? AND colour = ?');
   $sth->execute(array(150, 'red'));
   $red = $sth->fetchAll();
   $sth->execute(array(175, 'yellow'));
   $yellow = $sth->fetchAll();
?>

现在,在下面,我展示了如何为您的代码使用PDO :: prepare,我只会显示您必须更改代码的位置:

<?php
 $pdo = new 
PDO("mysql:dbname=${config['dbname']};host=${config['host']};charset=utf8",
                 $config['name'], $config['pass']);
$my_id= $_GET['val'];
$stmt = $pdo->prepare('SELECT name, venue, schedule FROM events
                       WHERE event_id IN
                      (SELECT event_id FROM performs WHERE artist_id = :variable)
                       ORDER BY schedule DESC, event_id ASC');

$stmt->execute([':variable' => $my_id ]);

foreach ($stmt as $row) {

//fetch and use you result set as you want here

}