我浏览有关准备好的陈述的其他文章。我收到以下错误:
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near ':first_name,
:last_name, :birthdate, :nationality, :sex, :phone_number, :email)' at line 1
我似乎无法弄清楚为什么会收到此错误。我在网上找到的所有内容都无济于事。我希望有人可以指出正确的方向。
$db= new mysqli(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
$sql = "INSERT INTO persons (first_name, last_name, birthdate, nationality, sex, phone_number, email)
VALUES (:first_name, :last_name, :birthdate, :nationality, :sex, :phone_number, :email)";
$stmt = $db->stmt_init();
if ($stmt->prepare($sql)) { // insert preparement succeed
// bind varaibles to prepared statement as parameters
foreach ($params as $field=>$value) {
$field = ':' . $field;
if (!$stmt->bind_param($field, $value)) {
// bind param failled
echo $db->error;
// Close statement
$stmt->close();
db_disconnect($db);
exit();
}
}
// bind param succeed, execute the prepared statement
if ($stmt->execute()) {
// Close statement
$stmt->close();
return true;
} else {
// insert execute failled
echo $db->error;
// Close statement
$stmt->close();
db_disconnect($db);
exit();
}
} else {
// insert preparement failled
echo $db->error ;
db_disconnect($db);
exit();
}
MySQLI不支持诸如:first_name之类的占位符。如果您希望使用这种连接,请尝试PDO:
<?php
$host = "localhost";
$user = "username";
$pass = "password";
$datb = "myDBPDO";
$dsn = "mysql:host=$host;dbname=$datb";
$options = [
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
\PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
\PDO::ATTR_EMULATE_PREPARES => false,
];
$conn = new \PDO($dsn, $user, $pass, $options);
if (!$conn) { //Upon failure
die('Error connecting to database.');
}
// Prepare SQL and bind parameters
$stmt = $conn->prepare("INSERT INTO delivery(fname,lname,address,city,zip,phone,email) VALUES(:fname, :lname, :address, :city, :zip, :phone, :email)");
$params = [
'fname' => $_POST['fname'],
'lname' => $_POST['lname'],
'address' => $_POST['address'],
'city' => $_POST['city'],
'zip' => $_POST['zip'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$stmt->execute($params);
echo "New records created successfully";