MySql插入查询错误:无效的参数编号:参数未定义

时间:2019-04-10 16:38:32

标签: php mysql

我正在尝试使用查询在我的数据库中插入一些日志数据,以后当有人更改密码时我将需要它,但是我无法添加插入查询,我总是在标题中遇到此错误,这是我的代码

$oldpw = $_POST['oldpw'];
$newpwd = $_POST['newpwd'];
$newpwd2 = $_POST['newpwd2'];
$username = LoggedUser()['Username'];
$qvars = [':User'=>$username,':oldpw'=>md5($oldpw)];
$qvars[':pass'] = md5($newpwd);
    $insertuser = query("insert into SRO_VT_WEBSITE..TB_User (StrUserID,encrypted_password,old_password,new_password) values (:User,:oldpw,'$oldpw','$newpwd')", $qvars);

这是conn文件的代码以及其中的“查询”功能

function Open($host, $user, $pass, $acc, $shd, $log)
{
global $conn;
global $array;
global $_allowSecretCode;
global $_secretCodeColumn;

 $conn = new PDO("sqlsrv:server=$host;database=$acc", $user, $pass,[PDO::ATTR_TIMEOUT=>5]);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$array[] = $host;
$array[] = $user;
$array[] = $pass;
$array[] = $acc;
$array[] = $shd;
$array[] = $log;

if ($_allowSecretCode && !ColExist($_secretCodeColumn, "TB_User", $array[3]))
    $_allowSecretCode = false;
}

/* Execute a Query */
function query($query, array $args)
{
try {
    global $conn;
    $q = $conn->prepare($query);
    $q->execute($args);
    //_log("db.log", "QueryExecuted: " . $query . "\n"); logging
} catch (PDOException $e) {
    HandleException($e, $query);
} catch (Exception $e) {
    HandleException($e, $query);
}
return $q;
}

1 个答案:

答案 0 :(得分:0)

您需要在此处绑定查询参数:

$q = $conn->prepare($query);
    $q->execute($args);

https://www.php.net/manual/en/mysqli-stmt.bind-param.php https://www.php.net/manual/en/pdostatement.bindparam.php