“警告:PDO::prepare() 期望参数 2 为数组,给定字符串” - 当只指定一个参数时
我对 PDO 和 MySQL 查询不是很有经验。
看看这个函数:
function add($mynick, $friend) {
$dbh = new PDO(DSN,USERNAME,PASSWORD);
$sth = $dbh->prepare('UPDATE pinfo SET friends=concat_ws(',' , friends, $friend) WHERE nick = :mynick');
$sth->bindParam(':mynick', $mynick);
//$sth->bindParam(':friend', $friend);
$sth->execute();
}
这个函数不起作用:
Warning: PDO::prepare() expects parameter 2 to be array, string given in /test5.php
Fatal error: Call to a member function bindParam() on a non-object in /test5.php
我也尝试在 concat_ws 中盲注 $fliend var ,或删除所有 $var 和 bindParam;数据库连接和数据库表都正常。
为什么错了?
如果我尝试将 PDO 与简单的 UPDATE 查询一起使用,而不使用 concat_ws 它可以工作。
I'm not very experienced with PDO and MySQL query..
Look at this function:
function add($mynick, $friend) {
$dbh = new PDO(DSN,USERNAME,PASSWORD);
$sth = $dbh->prepare('UPDATE pinfo SET friends=concat_ws(',' , friends, $friend) WHERE nick = :mynick');
$sth->bindParam(':mynick', $mynick);
//$sth->bindParam(':friend', $friend);
$sth->execute();
}
This function is not working:
Warning: PDO::prepare() expects parameter 2 to be array, string given in /test5.php
Fatal error: Call to a member function bindParam() on a non-object in /test5.php
I tried to blind also $fliend var, in the concat_ws, or removing all $var and bindParam; the db connection and the db table are ok.
Why is it wrong ?
If I try to use PDO with a simple UPDATE query, without concat_ws it works.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我已重新格式化您的查询,希望使错误更加明显。
没看到吗?
查看 SO 提供的语法高亮。看到
SET中的逗号是黑色的吗?问题在于您将 SQL 语句括在单引号中,但希望在查询中使用单引号。真正发生的情况是,您打破了引用的参数,向 PHP 传递了一个逗号,然后再次打开引用,导致两个参数传递给
prepare:'UPDATE pinfo SETfriends =concat_ws('然后' , 朋友, $friend) WHERE nick = :mynick'.这就是 PHP 抱怨第二个参数无效的原因。您需要转义单引号,或使用双引号来包装查询。因此,您需要:
$friend而不是让 PHP 对其进行插值,正如 @Ian Wood 所指出的,并且您的注释掉最初建议的代码因此:
I've reformatted your query to hopefully make the error more obvious.
Don't see it?
Check out the syntax highlighting provided by SO. See how the comma in the
SETis black?The problem is that you're enclosing your SQL statement in single-quotes, but want to use single-quotes inside the query. What's really happening is that you're breaking out of the quoted argument, passing PHP a comma, then opening the quote up again, resulting in two arguments passed to
prepare:'UPDATE pinfo SET friends=concat_ws('and then' , friends, $friend) WHERE nick = :mynick'. This is why PHP is whining about the second argument being invalid. You need to either escape the single quotes, or use double quotes to wrap the query.Therefore you need to:
$friendproperly rather than let PHP interpolate it, as noted by @Ian Wood, and as your commented out code originally suggestedThus:
我认为这应该是
我会考虑改变你的架构。
只需要有一个人员表,然后是一个朋友表...将人员详细信息保留在人员表中,而朋友表中有两列“person_id”和“friend_id”,仅存储所连接人员的 ID - 您将结束提供更多有用且易于管理的数据。
因为很多人可以有很多朋友,所以你需要一种“多对多”的关系......
think thast should be
I would however consider changing your architecture.
Just have a table of people and then a table of friends... Keep the persons details in the people table and in the friends table have two columns 'person_id' and 'friend_id' just store the ids of the connected people - you will end up with much more useful and manageable data.
as many people can have many friends you need a 'many-to-many' relationship there...