search

Home >Backend Development >PHP Tutorial >mysql - Error using PDO to query database in php

mysql - Error using PDO to query database in php

WBOY
WBOYOriginal
2016-09-19 09:16:341206browse

The query code is: 

<code>$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email='.$email)==NULL){
</code>

The code for getData is: 

<code>public function getData($sql,$type=1){
    $data=Array();
    $db=$this->db();

    $result=$db->query($sql);
    $sth = $db->prepare($sql);
    $sth->execute();
    if(is_bool($result))
        return $result;
    if($type==1)
        while($a = $sth->fetch(PDO::FETCH_ASSOC))
            $data[]=$a;
    elseif($type==2)
        while($a = $sth->fetch(PDO::FETCH_BOTH))
            $data[]=$a;

    if($data)
        return $data;
    else
        return NULL;
}
</code>

The error message is: 

<code>Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com' at line 1' in D:\phpStudy\WWW\core\mysql\drivers\PDO.php:61 Stack trace: #0 D:\phpStudy\WWW\core\mysql\drivers\PDO.php(61): PDO->query('SELECT * FROM u...') #1 D:\phpStudy\WWW\core\login.php(105): DB_PDO->getData('SELECT * FROM u...') #2 {main} thrown in D:\phpStudy\WWW\core\mysql\drivers\PDO.php on line 61</code>

Reply content:

The query code is: 

<code>$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email='.$email)==NULL){
</code>

The code for getData is: 

<code>public function getData($sql,$type=1){
    $data=Array();
    $db=$this->db();

    $result=$db->query($sql);
    $sth = $db->prepare($sql);
    $sth->execute();
    if(is_bool($result))
        return $result;
    if($type==1)
        while($a = $sth->fetch(PDO::FETCH_ASSOC))
            $data[]=$a;
    elseif($type==2)
        while($a = $sth->fetch(PDO::FETCH_BOTH))
            $data[]=$a;

    if($data)
        return $data;
    else
        return NULL;
}
</code>

The error message is: 

<code>Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com' at line 1' in D:\phpStudy\WWW\core\mysql\drivers\PDO.php:61 Stack trace: #0 D:\phpStudy\WWW\core\mysql\drivers\PDO.php(61): PDO->query('SELECT * FROM u...') #1 D:\phpStudy\WWW\core\login.php(105): DB_PDO->getData('SELECT * FROM u...') #2 {main} thrown in D:\phpStudy\WWW\core\mysql\drivers\PDO.php on line 61</code>

You need to quote your emailaddress

<code class="php"><?php
$email=htmlspecialchars($_POST["email"]);
if($sql->getData('SELECT * FROM user WHERE email="'.$email.'"')==NULL){
</code>

This is a syntax error in your SQL statement. The string must be enclosed in quotation marks: 

<code class="php">$pdo->getData("SELECT * FROM `table` WHERE `email` = '{$email}'");</code>

If you encounter this kind of error in the future, you will know where you went wrong by printing your statement

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:thinkphp $_GET string + is filtered into spacesNext article:thinkphp $_GET string + is filtered into spaces

Related articles

See more