php - 这是什么意思？我该如何解决？未捕获的异常 'PDOException'，消息为“SQLSTATE[42000]

Question

我一直在使用 PDO 构建注册表单。我是 PDO 的新手，所以我不完全理解为什么会出现该错误。我检查了我的代码，它似乎没有任何语法错误。我不知道它说访问冲突是什么意思。

我一直收到这个错误:

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]

这是我的连接文件

<?php 

//Our MySQL user account.
define('MYSQL_USER', 'root');

//Our MySQL password.
define('MYSQL_PASSWORD', '');

//The server that MySQL is located on.
define('MYSQL_HOST', 'localhost');

//The name of our database.
define('MYSQL_DATABASE', 'private_beta_squire_app');

/**
 * PDO options / configuration details.
 * I'm going to set the error mode to "Exceptions".
 * I'm also going to turn off emulated prepared statements.
 */
$pdoOptions = array(
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false
);

/**
 * Connect to MySQL and instantiate the PDO object.
 */
$pdo = new PDO(
    "mysql:host=" . MYSQL_HOST . ";dbname=" . MYSQL_DATABASE, //DSN
    MYSQL_USER, //Username
    MYSQL_PASSWORD, //Password
    $pdoOptions //Options
);

?>

这是我的表单代码

<?php

require 'password.php';

if ( isset ( $_POST ['submitButton'] ) ) {

    //if ( empty ( $_POST ['mail'] ) ) {
        //echo "Type your mail";
    //}

    //if ( empty ( $_POST ['password'] ) ) {
        //echo "Type your password";
    //}

    //if ( empty ( $_POST ['name'] ) ) {
        //echo "Type your name";
    //}

    //else {

        //Retrieve the field values from our registration form.
        $username = !empty ( $_POST ['mail'] ) ? trim ( $_POST ['mail'] ) : null;
        $pass = !empty ( $_POST ['password'] ) ? trim ( $_POST ['password'] ) : null;
        $name = !empty ( $_POST ['name'] ) ? trim ( $_POST ['name'] ) : null;
        $status = 'off';

        //TO ADD: Error checking (username characters, password length, etc).
        //Basically, you will need to add your own error checking BEFORE
        //the prepared statement is built and executed.

        //Now, we need to check if the supplied username already exists.

        //Construct the SQL statement and prepare it.
        $sql = "SELECT COUNT( email ) AS num FROM users WHERE email = :username";
        $stmt = $pdo->prepare ( $sql );

        //Bind the provided username to our prepared statement.
        $stmt->bindValue ( ':username', $username );

        //Execute.
        $stmt->execute();

        //Fetch the row.
        $row = $stmt->fetch ( PDO::FETCH_ASSOC) ;

        //If the provided username already exists - display error.
        //TO ADD - Your own method of handling this error. For example purposes,
        //I'm just going to kill the script completely, as error handling is outside
        //the scope of this tutorial.
        if ( $row ['num'] > 0 ) {

            die ( 'That email is already registered!' );

        }

        //Hash the password as we do NOT want to store our passwords in plain text.
        $passwordHash = password_hash ( $pass, PASSWORD_BCRYPT, array ( "cost" => 12 ) );

        //Prepare our INSERT statement.
        //Remember: We are inserting a new row into our users table.
        $sql = "INSERT INTO users (email, name, status, pass) VALUES (:username, :name, :status, :password;)";
        $stmt = $pdo->prepare($sql);

        //Bind our variables.
        $stmt->bindValue (':username', $username);
        $stmt->bindValue (':name', $name);
        $stmt->bindValue (':name', $status);
        $stmt->bindValue (':password', $passwordHash);      

        //Execute the statement and insert the new account.
        $result = $stmt->execute();

        //If the signup process is successful.
        if ( $result ) {

            //What you do here is up to you!
            header('location: index.php');

        }
    //}
}

?>

Answer 1

你有两个问题。

$sql = "INSERT INTO users (email, name, status, pass) VALUES (:username, :name, :status, :password;)";

1. 在 `password` 占位符之后的 `;` 关闭了 `insert` 语句，这使得查询无效。

$stmt->bindValue (':name', $name);
$stmt->bindValue (':name', $status);

1. 虽然您的查询使用了正确的名称，但您在这里使用了相同的占位符名称两次。如果您使用未命名的占位符，这不会导致问题。

所以你应该:

$sql = "INSERT INTO users (email, name, status, pass) VALUES (:username, :name, :status, :password)";
        $stmt = $pdo->prepare($sql);

        //Bind our variables.
        $stmt->bindValue (':username', $username);
        $stmt->bindValue (':name', $name);
        $stmt->bindValue (':status', $status);
        $stmt->bindValue (':password', $passwordHash);      

        //Execute the statement and insert the new account.
        $result = $stmt->execute();

备选方案:

$sql = "INSERT INTO users (email, name, status, pass) VALUES (?, ?, ?, ?)";
        $stmt = $pdo->prepare($sql);
        //Bind and execute the statement and insert the new account.
        $result = $stmt->execute(array($username, $name, $status, $passwordHash));