PDO FreeTDS 错误
我刚刚将我的服务器从 php 5.2 升级到 5.3.3,并且在 PDO(使用 DBLIB)中遇到了一个奇怪的错误。
我正在连接到 SQL Server 2005。我遇到错误出现在任何以“N”字母作为参数前缀的语句中(告诉 SQL Server 它是一个 unicode 字符串)。
查询如下所示:
INSERT INTO IPs (IP, PosterId, Note, DateAdded, Status, IsClass)
VALUES (:ip, :posterid, N:note, GETUTCDATE(), :status, :isclass)
用于在旧设置上正常工作,新设置会引发异常:
SQLSTATE[HY093]:无效的参数号:绑定变量的数量与标记的数量不匹配
如果我删除参数前面的 N 字符,似乎可以正常工作。然而,我有数千条这样的声明,删除它会很痛苦。我宁愿找出为什么会发生这种情况并解决它。
知道如何进行这项工作吗?
谢谢
稍后编辑:感谢下面的静止,我发现使用非命名参数(问号)是有效的。但它仍然让我需要改变很多陈述。
所以这有效:
INSERT INTO IPs (IP, PosterId, Note, DateAdded, Status, IsClass)
VALUES (?, ?, N?, GETUTCDATE(), ?, ?)
I have just upgraded my server from php 5.2 to 5.3.3 and I am having a weird error in PDO (with DBLIB).
I am connecting to an SQL Server 2005. I am having The error appears in any statement that prefixes a parameter with the "N" letter (to tell SQL Server that it's a unicode string).
The query looks like this:
INSERT INTO IPs (IP, PosterId, Note, DateAdded, Status, IsClass)
VALUES (:ip, :posterid, N:note, GETUTCDATE(), :status, :isclass)
Used to work properly on the old setup, the new one throws an exception:
SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens
Seems to work properly if I remove the N character in front of the parameter. However, I have thousands of statements like that and it would be a pain o remove. I would rather find out why this happens and fix it.
Any idea how to make this work?
Thanks
Later edit: Thanks to stillstanding below, I found that using non named parameters (question mark) works. But it still leaves me with changing lots of statements.
So this works:
INSERT INTO IPs (IP, PosterId, Note, DateAdded, Status, IsClass)
VALUES (?, ?, N?, GETUTCDATE(), ?, ?)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
首先,当您使用预备语句时,PDO 将通常看起来像。
$stm->bindParam(':note',$note);
$stm->execute();
当 PDO 查看此参数时,它通常会通过安全插入解析器运行您的参数,例如 mysql_escape_string() 并将在您的值周围放置单引号,所以...
N:note 变成 N'somevalue' 通常,当您插入标记时,它们完全独立于任何其他特殊字符,并用空格或制表符填充。您可能会考虑避免使用命名参数,这可能会有所帮助,但是插入诸如 N'somevalue' 之类的内容似乎有点不寻常,除非您告诉 PDO 这是一个整数值,它将在插入时避免使用单引号。
First off, when you use a prepared statement, PDO will normally look like.
$stm->bindParam(':note',$note);
$stm->execute();
when PDO looks at this parameter, it will normally run your parameter through a safe insert parser, such as mysql_escape_string() and will place single quotes around your value, so...
N:note turns into N'somevalue' Normally when you insert tokens they are completely independent of any other special characters and padded with spaces or tabs. You might consider avoiding using named parameters, this might help, but it would seem kind of unusual to have an insert such as N'somevalue' unless you are telling PDO this is an integer value which it will avoid using single quotes when it inserts.