mysql - Error using PDO to query database in php-PHP Tutorial-php.cn

mysql - Error using PDO to query database in php

WBOY

Release： 2016-09-19 09:16:34

Original

1205 people have browsed it

The query code is:

<code>$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email='.$email)==NULL){
</code>

Copy after login

The code for getData is:

<code>public function getData($sql,$type=1){
    $data=Array();
    $db=$this->db();

    $result=$db->query($sql);
    $sth = $db->prepare($sql);
    $sth->execute();
    if(is_bool($result))
        return $result;
    if($type==1)
        while($a = $sth->fetch(PDO::FETCH_ASSOC))
            $data[]=$a;
    elseif($type==2)
        while($a = $sth->fetch(PDO::FETCH_BOTH))
            $data[]=$a;

    if($data)
        return $data;
    else
        return NULL;
}
</code>

Copy after login

The error message is:

<code>Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com' at line 1' in D:\phpStudy\WWW\core\mysql\drivers\PDO.php:61 Stack trace: #0 D:\phpStudy\WWW\core\mysql\drivers\PDO.php(61): PDO->query('SELECT * FROM u...') #1 D:\phpStudy\WWW\core\login.php(105): DB_PDO->getData('SELECT * FROM u...') #2 {main} thrown in D:\phpStudy\WWW\core\mysql\drivers\PDO.php on line 61</code>

Copy after login

Reply content:

The query code is:

<code>$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email='.$email)==NULL){
</code>

Copy after login

The code for getData is:

<code>public function getData($sql,$type=1){
    $data=Array();
    $db=$this->db();

    $result=$db->query($sql);
    $sth = $db->prepare($sql);
    $sth->execute();
    if(is_bool($result))
        return $result;
    if($type==1)
        while($a = $sth->fetch(PDO::FETCH_ASSOC))
            $data[]=$a;
    elseif($type==2)
        while($a = $sth->fetch(PDO::FETCH_BOTH))
            $data[]=$a;

    if($data)
        return $data;
    else
        return NULL;
}
</code>

Copy after login

The error message is:

<code>Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com' at line 1' in D:\phpStudy\WWW\core\mysql\drivers\PDO.php:61 Stack trace: #0 D:\phpStudy\WWW\core\mysql\drivers\PDO.php(61): PDO->query('SELECT * FROM u...') #1 D:\phpStudy\WWW\core\login.php(105): DB_PDO->getData('SELECT * FROM u...') #2 {main} thrown in D:\phpStudy\WWW\core\mysql\drivers\PDO.php on line 61</code>

Copy after login

You need to quote your emailaddress

<code class="php"><?php
$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email="'.$email.'"')==NULL){
</code>

Copy after login

This is a syntax error in your SQL statement. The string must be enclosed in quotation marks:

<code class="php">$pdo->getData("SELECT * FROM `table` WHERE `email` = '{$email}'");</code>

Copy after login

If you encounter this kind of error in the future, you will know where you went wrong by printing your statement