- 此问题在此处已有答案**:
Why does this PDO statement silently fail?(2个答案)
5年前关闭。
<?php
$abc = $objpdo->prepare("SELECT * FROM testdb.users WHERE user = ':login' AND user_pass=PASSWORD(':password')");
$abc->bindParam(':login', $_POST['name']);
$abc->bindParam(':password', $_POST['pw']);
$abc->execute();
echo $abc->rowCount();
// the example above doesn't work rowCount is always 0
$abc = $objpdo->prepare("SELECT * FROM testdb.users WHERE user = '?' AND user_pass=PASSWORD('?')");
$abc->execute([$_POST['name'], $_POST['pw']]);
echo $abc->rowCount();
// and again rowCount is always 0
$abc = $objpdo->query("SELECT * FROM testdb.users WHERE user = '".$_POST['name']."' AND user_pass=PASSWORD('".$_POST['pw']."')");
echo $abc->rowCount();
// this thing here is working
?>
我的代码中的预准备语句似乎不起作用,奇怪的是,当我尝试运行query()时,没有准备它,而是直接将值传递给它工作的字符串。
请注意,我总是尝试与现有的用户/密码此代码。
1条答案
按热度按时间xdnvmnnf1#
占位符不需要引号,否则查询将只把它们当作字符串,而不是占位符。
与序号占位符(问号)相同: