当前位置: 文江博客话题详情

使用 AND 时 PDO 清空 SELECT 的结果

发布于 2024-08-27 03:17:47 字数 1258 浏览 7 评论 0原文

我发现了一件相当有趣的事情,但我自己似乎无法弄清楚。 每次执行包含“... AND ...”的 SQL 语句时,结果都是空的。

示例:

echo('I have a user: ' . $email . $wachtwoord . '<br>');

$dbh = new PDO($dsn, $user, $password);

$sql = 'SELECT * FROM user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(:email,$email,PDO::PARAM_STR);
$stmt->bindParam(:wachtwoord,$wachtwoord,PDO::PARAM_STR);

$stmt->execute();

while($row = $stmt->fetchObject())
{   
  echo($row->email . ',' . $row->wachtwoord);
  $user[] = array(
    'email' => $row->email,
    'wachtwoord' => $row->wachtwoord
  );
}


echo($row->email . ',' . $row->wachtwoord);

第一个回波显示正确的值,但从未到达 的 。 我想补充几点: 1)我已连接到数据库,因为其他查询可以工作,只有在“WHERE”失败后添加“AND”的查询才有效。 2) 使用 while 可以完美地处理不包含“... AND ...”的查询 3) 错误报告已打开,PDO 对我的查询(或其他任何内容)没有给出异常 4)直接在数据库上执行查询确实给出了我想要的:

SELECT * FROM user WHERE email = '[email protected]' AND wachtwoord = 'jurgen'

我可以再次盯着它一整天(我已经做过一次,但我设法解决了“AND”问题),但也许你们中的一个人可以帮我一把。

先感谢您。

于尔根

原文

I've come upon a rather interesting thing, which I can't seem to figure out myself.
Everytime when executing a SQL statement which contains a '... AND ...' the result is empty.

Example:

echo('I have a user: ' . $email . $wachtwoord . '<br>');

$dbh = new PDO($dsn, $user, $password);

$sql = 'SELECT * FROM user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(:email,$email,PDO::PARAM_STR);
$stmt->bindParam(:wachtwoord,$wachtwoord,PDO::PARAM_STR);

$stmt->execute();

while($row = $stmt->fetchObject())
{   
  echo($row->email . ',' . $row->wachtwoord);
  $user[] = array(
    'email' => $row->email,
    'wachtwoord' => $row->wachtwoord
  );
}

The first echo displays the correct values, however the line with

echo($row->email . ',' . $row->wachtwoord);

is never reached.
A few things I want to add:
1) I am connected to the database since other queries work, only the ones where I add an 'AND' after my 'WHERE's fail.
2) Working with the while works perfectly with queries that do not contain '... AND ...'
3) Error reporting is on, PDO gives no exceptions on my query (or anything else)
4) Executing the query directly on the database does give what I want:

SELECT * FROM user WHERE email = '[email protected]' AND wachtwoord = 'jurgen'

I can stare at it all day long again (which I already did once, but I managed to work around the 'AND'), but maybe one of you can give me a helping hand.

Thank you in advance.

Jurgen

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

酒儿 2024-09-03 03:17:47

让我们看看这些调试查询之一是否

....
$dbh = new PDO($dsn, $user, $password);

function debugQuery($dbh, $querystring, $params) {
  $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);  
  $stmt = $dbh->prepare($querystring);
  $stmt->execute($params);
  echo $querystring, ":<br />\n";
  while ( false!== ($row=$stmt->fetch(PDO::FETCH_ASSOC)) ) {
    echo '  ', join(', ', $row), "<br />\n";
  }
}

debugQuery($dbh, 'SELECT Count(*) as c FROM user', array());
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email=?', array($email));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE wachtwoord=?', array($wachtwoord));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email=? AND wachtwoord=?', array($email, $wachtwoord));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email LIKE ? AND wachtwoord LIKE ?', array( '%'.trim($email).'%', '%'.trim($wachtwoord).'%'));

$sql = 'SELECT * FROM user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
...

返回一些有趣的东西。

编辑:似乎不是这样...那么让我们从另一个角度攻击这个

$email = 'emailA';
$wachtwoord = 'wachtwoordA';
echo('I have a user: ' . $email . $wachtwoord . '<br>');

//$dbh = new PDO($dsn, $user, $password);
$dbh = new PDO("mysql:host=localhost;dbname=test", 'localonly', 'localonly'); 
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// create a temporary table
$dbh->exec('CREATE TEMPORARY TABLE tmp_user ( id int auto_increment, email varchar(32), wachtwoord varchar(32), primary key(id))');
// and fill in exactly the record we're looking for
$dbh->exec("INSERT INTO  tmp_user (email, wachtwoord) VALUES ('$email', '$wachtwoord')");


$sql = 'SELECT * FROM tmp_user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':email', $email,PDO::PARAM_STR);
$stmt->bindParam(':wachtwoord', $wachtwoord,PDO::PARAM_STR);

$stmt->execute();

while($row = $stmt->fetchObject())
{   
  echo($row->email . ',' . $row->wachtwoord);
  $user[] = array(
    'email' => $row->email,
    'wachtwoord' => $row->wachtwoord
  );
}

打印 I have a user: emailAwachtwoordA
emailA,wachtwoordA 在我的 php/mysql 版本上。

Let's see if one of those debug queries

....
$dbh = new PDO($dsn, $user, $password);

function debugQuery($dbh, $querystring, $params) {
  $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);  
  $stmt = $dbh->prepare($querystring);
  $stmt->execute($params);
  echo $querystring, ":<br />\n";
  while ( false!== ($row=$stmt->fetch(PDO::FETCH_ASSOC)) ) {
    echo '  ', join(', ', $row), "<br />\n";
  }
}

debugQuery($dbh, 'SELECT Count(*) as c FROM user', array());
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email=?', array($email));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE wachtwoord=?', array($wachtwoord));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email=? AND wachtwoord=?', array($email, $wachtwoord));
debugQuery($dbh, 'SELECT Count(*) as c FROM user WHERE email LIKE ? AND wachtwoord LIKE ?', array( '%'.trim($email).'%', '%'.trim($wachtwoord).'%'));

$sql = 'SELECT * FROM user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
...

returns something interesting.

edit: Doesn't seem so... then let's attack this from another angle

$email = 'emailA';
$wachtwoord = 'wachtwoordA';
echo('I have a user: ' . $email . $wachtwoord . '<br>');

//$dbh = new PDO($dsn, $user, $password);
$dbh = new PDO("mysql:host=localhost;dbname=test", 'localonly', 'localonly'); 
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// create a temporary table
$dbh->exec('CREATE TEMPORARY TABLE tmp_user ( id int auto_increment, email varchar(32), wachtwoord varchar(32), primary key(id))');
// and fill in exactly the record we're looking for
$dbh->exec("INSERT INTO  tmp_user (email, wachtwoord) VALUES ('$email', '$wachtwoord')");


$sql = 'SELECT * FROM tmp_user WHERE email = :email AND wachtwoord= :wachtwoord';
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':email', $email,PDO::PARAM_STR);
$stmt->bindParam(':wachtwoord', $wachtwoord,PDO::PARAM_STR);

$stmt->execute();

while($row = $stmt->fetchObject())
{   
  echo($row->email . ',' . $row->wachtwoord);
  $user[] = array(
    'email' => $row->email,
    'wachtwoord' => $row->wachtwoord
  );
}

prints I have a user: emailAwachtwoordA<br>emailA,wachtwoordA on my version of php/mysql.

回复 原文
爱的故事 2024-09-03 03:17:47
while($row = $stmt->fetchObject()){}

那条线不应该是(取决于您的设置)吗?

while( $row = $stmt->fetchAll( PDO::FETCH_OBJ) ){

var_dump( $row ) ;

}

while($row = $stmt->fetchObject()){}

Shouldn't that line be (depending on your setup)?

while( $row = $stmt->fetchAll( PDO::FETCH_OBJ) ){

var_dump( $row ) ;

}
回复 原文
~没有更多了~

关于作者

我很坚强

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

謌踐踏愛綪

文章 0 评论 0

开始看清了

文章 0 评论 0

高速公鹿

文章 0 评论 0

alipaysp_PLnULTzf66

文章 0 评论 0

热情消退

文章 0 评论 0

白色月光

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文