无法通过 php PDO 插入 SQLite 数据库
请帮助看看出了什么问题....(我测试数据库连接正常)
<?php
$user_name=$_POST['user_name'];
$password=$_POST['password'];
$dbh=new PDO('sqlite:./db/user.db') or die("fail to connect db");
try{
$stmt = $dbh->prepare("INSERT INTO user_info VALUES (?, ?)");
$stmt->bindParam(1, $a);
$stmt->bindParam(2, $b);
$a=$user_name;
$b=$password;
$stmt->execute();
}
catch(PDOException $e) {echo $e->getMessage();}
?>
Pls help see what is wrong.... (I test the db connection is fine)
<?php
$user_name=$_POST['user_name'];
$password=$_POST['password'];
$dbh=new PDO('sqlite:./db/user.db') or die("fail to connect db");
try{
$stmt = $dbh->prepare("INSERT INTO user_info VALUES (?, ?)");
$stmt->bindParam(1, $a);
$stmt->bindParam(2, $b);
$a=$user_name;
$b=$password;
$stmt->execute();
}
catch(PDOException $e) {echo $e->getMessage();}
?>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
在评论中与@DerrickCoetzee 讨论后,我有时间重新考虑这个答案。事实是,答案实际上可能是在某些服务器上解决此问题的唯一方法。我曾建议给予数据库通用写访问权限,这无疑是不安全的。我发现,这是我唯一可以拥有的解决方案的原因是我的服务器已禁用 php 的写访问权限。 php 无法创建新文件,并且我无法将数据库的所有者更改为 apache 或没有 root 访问权限的“nobody”,这使得更好的解决方案变得不可能。
本质上,我的服务器已经锁定了 php,只有在每个人都可以写的情况下它才可以写。在我看来,这是一个糟糕的服务器设置,导致了这种安全风险,正如 @Derrick 所建议的,sqlite 数据库可能只应用于私人使用或仅服务器访问。有些系统未设置为安全地利用此功能。如果您发现 php 没有写入权限,并且您没有机器的 root 访问权限,则应考虑联系您的系统管理员或切换到 MySQL(如果可用)。
话虽这么说,当数据库不敏感或者只有一小部分人知道时,我发现以下解决方案对于快速原型解决方案非常方便。
我之前的回答:
我今天也遇到了同样的问题!我对 php 和 sqlite 还很陌生,但还是很顺利。突然间,我遇到了这个巨大的障碍(一天没有进展),因为我的 sqlite 数据库中缺少插入,如问题发布者所述。这里的区别因素是没有错误消息或异常,如果将execute语句放入if子句中,只会返回false。
所以,我终于找到了一种方法来获得插入工作,但我不能 100% 确定它是否安全。如果您认为有更好的方法,我将不胜感激。
主要问题是您试图让用户写入文件系统上的文件。但是,默认情况下,文件夹和文档仅对外部人员具有读取访问权限。因此,您需要为您的数据库(user.db)及其文件夹(./db)提供可写访问权限。
因此,您需要进入目录并输入:
这为我解决了这个问题,所以我希望它也能帮助您。我不知道是否有更好的方法,但这看起来很合乎逻辑。
I have had time to reconsider this answer after discussion with @DerrickCoetzee in the comments. The truth is, the answer may in fact be the only way to fix this problem on some servers. I had suggested to give universal write access to the database, which is admittedly unsafe. The reason, I have found, why that was the only solution I could have is that my server has disabled write access for php. php is incapable of making new files, and I am unable to change the owner of the database to apache or "nobody" without root access, which makes a better solution impossible.
Essentially, my server has locked down php such that it can only write if everyone can write. In my opinion, this is a bad server setup, which led to this security risk and as @Derrick suggests, an sqlite db should probably only be used for private use or server-access-only. Some systems are not setup to take advantage of this safely. If you find php has no write access and you do not have root access to the machine, you should consider contacting your system administrator or switch to MySQL if it's available.
That being said, I find the following solution very handy for quick, prototyping solutions, when the db is not sensitive, or will only be known about by a small select group of people.
My previous answer:
I had this exact same problem today! I am pretty new to php and sqlite, but was chugging along. All of a sudden I hit this massive roadblock (no progress for a day) from lack of insert into my sqlite database as described by the question poster. The distinguishing factor here is that there is no error message or exception, only the return of false if you put the execute statement into an if clause.
So, I was finally able to figure out a way to get insertion to work, but I am not 100% certain if it is safe or not. I'd appreciate any comments if you think there's a better way.
The main problem is that you are trying to let your users write to a file on your file system. However, by default folders and documents only have read access for outsiders. Therefore, you need to give both your database (user.db) and it's folder (./db) writable access others.
So, you need to go the directory and type in:
That fixed this problem for me, so I hope it helps you out, too. I don't know if there is a better way or not, but it seems rather logical.
在定义 $a 和 $b 之前,您将它们绑定为参数。
实际上,没有必要先将值分配给 $user_name 和 $password。只需先将它们分配给 $a 和 $b 即可。
[编辑 SQL 以包含列名称]
You're binding $a and $b as parameters before defining them.
Actually, there's no real need to assign the values first to $user_name and $password. Just assign them to $a and $b first.
[Edited SQL to include column names]
尝试这样:
try it this way:
当您绑定参数
$a和$b时,它们不存在。试试这个:
When you are binding your params
$aand$bdo not exist.Try this instead: