Php 无效参数编号:绑定变量的数量与令牌的数量不匹配';
我有一个填充Php 无效参数编号:绑定变量的数量与令牌的数量不匹配';,php,mysql,Php,Mysql,我有一个填充$row[“app\u id”]的查询,当我浏览我的div id=“reveal”时,app\u id会发生变化。我想做的是在$RevelsTMT查询中插入该应用程序的id。我一直收到错误 Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not mat
$row[“app\u id”]
的查询,当我浏览我的div id=“reveal”
时,app\u id
会发生变化。我想做的是在$RevelsTMT查询中插入该应用程序的id。我一直收到错误
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid
parameter number: number of bound variables does not match number of tokens
我的代码如下
<?php
$revealid = $row["app_id"];
while (isset($revealid)){
$query3 = "";
$revealstmt = $conn->prepare("SELECT logs.time_entry AS logs_entry, logs.description AS logs_description, substates.name AS reveal_substates_name FROM logs LEFT OUTER JOIN applications ON logs.fk_app_id = applications.pk_app_id LEFT OUTER JOIN substates ON logs.fk_substate_id = substates.pk_substate_id WHERE logs.fk_app_id = <?php echo $revealid ?> and time_entry >= curdate() - INTERVAL DAYOFWEEK(curdate()) + 14 DAY ORDER BY time_entry DESC;");
$revealstmt->execute(array('query3' => $query3));
?>
<div id="<?php echo $row["app_name"];?>" class='reveal-modal'>
<div id="reveal">
<h1><?php echo $row["app_name"]; echo $revealid; ?>
<br />
</h1>
<div class="accordion">
<?php while ($revealrow = $revealstmt->fetch()){?>
<h3><a href=""><?php echo $revealrow["logs_entry"]?> -|- <?
php echo $revealrow["reveal_substates_name"]; ?></a></h3>
<div><?php echo $revealrow["logs_description"]; ?></div>
<?php } ?> <!-- Close Tag for $revealrow -->
<?php } ?> <!-- Close tag for the while(isset) -->
我尝试过使用foreach,但无法使用,因为$row[“app\u id”]
不是数组,它一次只返回一个数字
希望我已经提供了所有需要的信息,如果没有,我当然会添加任何我需要的信息。再次感谢社区对您的帮助 我认为您的查询准备语句的语法错误。试试这个:
$revealstmt = $conn->prepare("SELECT logs.time_entry AS logs_entry, logs.description AS logs_description, substates.name AS reveal_substates_name FROM logs LEFT OUTER JOIN applications ON logs.fk_app_id = applications.pk_app_id LEFT OUTER JOIN substates ON logs.fk_substate_id = substates.pk_substate_id WHERE logs.fk_app_id = ".$revealid." and time_entry >= curdate() - INTERVAL DAYOFWEEK(curdate()) + 14 DAY ORDER BY time_entry DESC;");
如果您回显该值,它应该转到标准输出,而不是您正在准备的字符串/查询。您应该在查询中使用串联。此外,您不希望查询那么长。就像你不会在一行中编写所有的PHP一样,MySQL也是如此:它是另一种语言
$revealstmt = $conn->prepare(
"SELECT logs.time_entry AS logs_entry, " .
"logs.description AS logs_description, " .
"substates.name AS reveal_substates_name " .
"FROM logs LEFT OUTER JOIN applications " .
"ON logs.fk_app_id = applications.pk_app_id " .
"LEFT OUTER JOIN substates ON logs.fk_substate_id = substates.pk_substate_id " .
"WHERE logs.fk_app_id = " . $revealid . " AND " .
"time_entry >= curdate() - INTERVAL DAYOFWEEK(curdate()) + 14 DAY " .
"ORDER BY time_entry DESC;");
$revealstmt->execute();
另一个问题是您试图将query3
分配给某个对象。查询中没有?
占位符,因此无需在execute()
中添加任何内容。但是,另一种工作解决方案可能不安全,具体取决于$revalid
的来源。您可以通过执行以下操作使其安全:
$revealstmt = $conn->prepare(
"SELECT logs.time_entry AS logs_entry, " .
"logs.description AS logs_description, " .
"substates.name AS reveal_substates_name " .
"FROM logs LEFT OUTER JOIN applications " .
"ON logs.fk_app_id = applications.pk_app_id " .
"LEFT OUTER JOIN substates ON logs.fk_substate_id = substates.pk_substate_id " .
"WHERE logs.fk_app_id = ? AND " .
"time_entry >= curdate() - INTERVAL DAYOFWEEK(curdate()) + 14 DAY " .
"ORDER BY time_entry DESC;");
$revealstmt->execute(array($revealid));
$revelstmt->execute(数组('query3'=>$query3))代码>这是您的问题,您的查询没有绑定值,但您仍然在executestat
上发送绑定数组
试试这个:
$revealstmt = $conn->prepare("SELECT logs.time_entry AS logs_entry, logs.description AS logs_description, substates.name AS reveal_substates_name FROM logs LEFT OUTER JOIN applications ON logs.fk_app_id = applications.pk_app_id LEFT OUTER JOIN substates ON logs.fk_substate_id = substates.pk_substate_id WHERE logs.fk_app_id = :query3 and time_entry >= curdate() - INTERVAL DAYOFWEEK(curdate()) + 14 DAY ORDER BY time_entry DESC;");
然后通过如下方式传递绑定值来执行yout查询:
$revelstmt->execute(数组('query3'=>$revelalid))代码>
或:
$revelstmt->bindValue(':query3',$revelalid)代码>在SQL查询中,query3
出现在哪里?另外,我认为您的占位符需要以:
开头。那
在查询中做什么?你已经在使用PHP了,你不能就这么做。用连接代替。我很可能是错的,因为我正在学习。我认为query3是从SQL查询返回的数组。我还将检查连接。我没有意识到你可以在SQL查询的中间这么做,我认为你必须回到PHP。非常感谢!!我已经在这方面工作了将近两天,不知道我只是在那里射中了自己的脚。感谢所有做出如此巨大贡献的人-1,虽然这回答了OP的问题,但它的安全性有缺陷,而且很容易通过sql注入攻击@FranciscoPresencia您完全正确!我也没有时间指出这一点……谢谢,我刚刚开始做很多SQL,我相信你可以告诉我,但这肯定是我将开始做的事情。通常,当我在Workbench中进行查询时,我会像您一样进行查询,但当我将它们放在代码中时,我会将它们全部放在一行。再次感谢你的帮助!