PHP PDO代码连接到数据库,但不执行查询,也不返回错误

时间:2019-02-27 07:52:17

标签: php oop pdo

我正在尝试创建用户注册和登录系统。我的代码正在连接到数据库,表单正在馈送数据,但语句未执行。也没有错误消息。

public function reg_user($username, $email, $address, $pwd){
    $pass = password_hash($pwd, PASSWORD_BCRYPT);
    $check = $this->db->prepare('SELECT * FROM bakery_users WHERE u_mail = :u_mail');
    $check->bindParam(':u_mail', $email, PDO::PARAM_STR);
    $check->execute();
    $count = $check->rowCount();

    if($count < 0){
        $reg = $db->prepare('INSERT INTO bakery_users (u_name, u_mail, u_add u_pass) VALUES (:u_name, :u_mail, :u_add, :u_pass)');
        $reg->bindParam(':u_mail', $username,PDO::PARAM_STR);
        $reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
        $reg->bindParam(':u_add', $address,PDO::PARAM_STR); 
        $reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
        $reg->execute();
        return true;
    }else{
        $db = null;
        return false;
    }
}  

2 个答案:

答案 0 :(得分:1)

我认为主要问题在于sql语句-它缺少u_addu_pass之间的逗号

$reg = $db->prepare('INSERT INTO bakery_users (u_name, u_mail, u_add, u_pass) VALUES (:u_name, :u_mail, :u_add, :u_pass)');

如果您测试prepare的返回值,则可以根据其成功/失败来派生逻辑

        if( $reg ){
            $reg->bindParam(':u_mail', $username,PDO::PARAM_STR);
            $reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
            $reg->bindParam(':u_add', $address,PDO::PARAM_STR);
            $reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
            $reg->execute();
            return true;            
        } else {
            exit('error');
        }

您在第一个bind语句中也使用了错误的参数

$reg->bindParam(':u_mail', $username,PDO::PARAM_STR);

应该是

$reg->bindParam(':u_name', $username,PDO::PARAM_STR);

您可以使用try/catch块以这种建设性的方式尝试找出问题

public function reg_user($username, $email, $address, $pwd){
    try{
        $pass = password_hash($pwd, PASSWORD_BCRYPT);
        $check = $this->db->prepare('SELECT * FROM `bakery_users` WHERE `u_mail` = :u_mail');
        if( !$check )throw new Exception('Failed to prepare SELECT query');

        $check->bindParam(':u_mail', $email, PDO::PARAM_STR);
        $check->execute();
        $count = $check->rowCount();

        if( $count < 0 ){

            $reg = $db->prepare('INSERT INTO `bakery_users` (`u_name`, `u_mail`, `u_add`, `u_pass` ) VALUES ( :u_name, :u_mail, :u_add, :u_pass )');

            if( $reg ){
                $reg->bindParam(':u_name', $username,PDO::PARAM_STR);
                $reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
                $reg->bindParam(':u_add', $address,PDO::PARAM_STR);
                $reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
                $reg->execute();

                return true;            
            } else {
                throw new Exception('Failed to prepare INSERT query')
            }
        } else{
           $db = null;
           return false;
        }
    }catch( Exception $e ){
        exit( sprintf('An error "%s" on line %d of "%s"',$e->getMessage(),$e->getLine(),__METHOD__ ) );
    }
}

我应该早点发现使用if( $count < 0 )〜应该是if( $count==0 )

public function reg_user( $username=false, $email=false, $address=false, $pwd=false ){
    try{
        if( !( $username & $email & $address & $pwd ) ) throw new Exception('bad foo');

        $sql='SELECT * FROM `bakery_users` WHERE `u_mail` = :u_mail';
        $stmt = $this->db->prepare( $sql );

        if( !$stmt ) throw new Exception('Failed to prepare SELECT query');

        $args=array( ':u_mail' => $email );
        $stmt->execute( $args );
        $count = $stmt->rowCount();

        if( $count == 0 ){
            $sql='INSERT INTO `bakery_users` ( `u_name`, `u_mail`, `u_add`, `u_pass` ) VALUES ( :u_name, :u_mail, :u_add, :u_pass )';
            $stmt = $db->prepare( $sql );
            if( $stmt ){
                $args=array(
                    ':u_name'   =>  $username,
                    ':u_mail'   =>  $email,
                    ':u_add'    =>  $address,
                    ':u_pass'   =>  password_hash( $pwd, PASSWORD_BCRYPT )
                );
                return $stmt->execute( $args );       
            } else {
                throw new Exception('Failed to prepare INSERT query')
            }
        } else{
           $db = null;
           return false;
        }
    }catch( Exception $e ){
        exit( sprintf( 'An error "%s" on line %d of "%s"', $e->getMessage(), $e->getLine(), __METHOD__ ) );
    }
}

答案 1 :(得分:0)

  

也没有错误消息

因为使用了错误的PDO错误模式,所以使用的是默认模式,即iirc,称为PDO::ERRMODE_SILENT

这是创建PDO对象的正确方法:

$db = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8mb4', 'username', 'password', 
array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));

在创建自己的作品时,您忘记了PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION部分。