我正在尝试创建用户注册和登录系统。我的代码连接到数据库,表单正在提供数据,但语句不会执行。也没有错误消息。
public function reg_user($username, $email, $address, $pwd){
$pass = password_hash($pwd, PASSWORD_BCRYPT);
$check = $this->db->prepare('SELECT * FROM bakery_users WHERE u_mail = :u_mail');
$check->bindParam(':u_mail', $email, PDO::PARAM_STR);
$check->execute();
$count = $check->rowCount();
if($count < 0){
$reg = $db->prepare('INSERT INTO bakery_users (u_name, u_mail, u_add u_pass) VALUES (:u_name, :u_mail, :u_add, :u_pass)');
$reg->bindParam(':u_mail', $username,PDO::PARAM_STR);
$reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
$reg->bindParam(':u_add', $address,PDO::PARAM_STR);
$reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
$reg->execute();
return true;
}else{
$db = null;
return false;
}
}
我认为,主要问题在于sql语句 - 它缺少u_add和u_pass之间的逗号
$reg = $db->prepare('INSERT INTO bakery_users (u_name, u_mail, u_add, u_pass) VALUES (:u_name, :u_mail, :u_add, :u_pass)');
如果你测试prepare的返回值,你可以根据它的成功/失败来分叉逻辑
if( $reg ){
$reg->bindParam(':u_mail', $username,PDO::PARAM_STR);
$reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
$reg->bindParam(':u_add', $address,PDO::PARAM_STR);
$reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
$reg->execute();
return true;
} else {
exit('error');
}
您还在第一个绑定语句中有一个名称错误的参数
$reg->bindParam(':u_mail', $username,PDO::PARAM_STR);
应该
$reg->bindParam(':u_name', $username,PDO::PARAM_STR);
您可以使用try/catch块来尝试以这样的建设性方式识别问题
public function reg_user($username, $email, $address, $pwd){
try{
$pass = password_hash($pwd, PASSWORD_BCRYPT);
$check = $this->db->prepare('SELECT * FROM `bakery_users` WHERE `u_mail` = :u_mail');
if( !$check )throw new Exception('Failed to prepare SELECT query');
$check->bindParam(':u_mail', $email, PDO::PARAM_STR);
$check->execute();
$count = $check->rowCount();
if( $count < 0 ){
$reg = $db->prepare('INSERT INTO `bakery_users` (`u_name`, `u_mail`, `u_add`, `u_pass` ) VALUES ( :u_name, :u_mail, :u_add, :u_pass )');
if( $reg ){
$reg->bindParam(':u_name', $username,PDO::PARAM_STR);
$reg->bindParam(':u_mail', $email,PDO::PARAM_STR);
$reg->bindParam(':u_add', $address,PDO::PARAM_STR);
$reg->bindParam(':u_pass', $pass,PDO::PARAM_STR);
$reg->execute();
return true;
} else {
throw new Exception('Failed to prepare INSERT query')
}
} else{
$db = null;
return false;
}
}catch( Exception $e ){
exit( sprintf('An error "%s" on line %d of "%s"',$e->getMessage(),$e->getLine(),__METHOD__ ) );
}
}
我应该早点发现使用if( $count < 0 )~应该是if( $count==0 )
public function reg_user( $username=false, $email=false, $address=false, $pwd=false ){
try{
if( !( $username & $email & $address & $pwd ) ) throw new Exception('bad foo');
$sql='SELECT * FROM `bakery_users` WHERE `u_mail` = :u_mail';
$stmt = $this->db->prepare( $sql );
if( !$stmt ) throw new Exception('Failed to prepare SELECT query');
$args=array( ':u_mail' => $email );
$stmt->execute( $args );
$count = $stmt->rowCount();
if( $count == 0 ){
$sql='INSERT INTO `bakery_users` ( `u_name`, `u_mail`, `u_add`, `u_pass` ) VALUES ( :u_name, :u_mail, :u_add, :u_pass )';
$stmt = $db->prepare( $sql );
if( $stmt ){
$args=array(
':u_name' => $username,
':u_mail' => $email,
':u_add' => $address,
':u_pass' => password_hash( $pwd, PASSWORD_BCRYPT )
);
return $stmt->execute( $args );
} else {
throw new Exception('Failed to prepare INSERT query')
}
} else{
$db = null;
return false;
}
}catch( Exception $e ){
exit( sprintf( 'An error "%s" on line %d of "%s"', $e->getMessage(), $e->getLine(), __METHOD__ ) );
}
}
也没有错误消息
因为你使用了错误的PDO错误模式,你使用的是默认模式,即iirc,称为PDO::ERRMODE_SILENT
这是创建PDO对象的正确方法:
$db = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8mb4', 'username', 'password',
array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
当你创建你的时,你忘记了PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION部分。