我參考網路上PDO的做法,但在$stmt->execute();會一直出現
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in D:\website\htdocs\google\111\test.php on line 9
的錯誤警告 我該如何修正他
<?
$connection = new PDO('mysql:host=localhost;dbname=444;charset=utf8', '444', '222');
$sql = "select member_real_name from member where member_id = :member_id";
$member_id = 29;
$stmt = $connection->prepare($sql);
$stmt->bindParam('i',$member_id);
/* execute query */
$stmt->execute();
/* Store the result (to get properties) */
$stmt->store_result();
/* Get the number of rows */
$num_of_rows = $stmt->num_rows;
/* Bind the result to variables */
$stmt->bind_result($member_id);
?>
已邀請的邦友 {{ invite_list.length }}/5
我猜應該是對應錯誤吧..
$stmt->bindParam('i',$member_id);
應該是..
$stmt->bindParam(':member_id',$member_id);
$statement->bindParam(":member_id",$member_id, PDO::PARAM_INT);
不過如果有做過數字驗證,
基本上我數字是不會用參數的,
我加參數主要是防SQL Injection而已,
純數字不會造成SQL Injection.
這個是錯誤是指parameter還未定義...$sql中你使用了:member_id
所以應該是$stmt->bindParam(':member_id',$member_id);
而並非i
iThome鐵人賽
看影片追技術