PDO错误“未定义参数".即使我已经定义并绑定了该参数 [英] PDO Error "parameter was not defined" even though I've defined and bound that parameter
问题描述
我正在尝试将此登录脚本从mySql转换为PDO,并且SELECT语句对于user_name可以正常使用,但对于密码则不能正常工作.
I'm trying to convert this login script from mySql to PDO, and the SELECT statement works fine for user_name but not for password.
显示的错误消息为"SQLSTATE[HY093]: Invalid parameter number: parameter was not defined
.我需要为此语句以不同的方式绑定$ hashedPassword吗?
The error message displayed is "SQLSTATE[HY093]: Invalid parameter number: parameter was not defined
". Do I need to bind $hashedPassword differently for this statement?
<?php
session_start();
//Include database connection details & salt
$password = $_POST['password'];
$hashedPassword = sha1($salt . $password);
try {
$stmt_user = $conn->prepare("SELECT * FROM customer_info WHERE user_name = :user_name and password = :hashedPassword");
$stmt_user->bindValue(':user_name', $_POST['user_name'], PDO::PARAM_STR);
$stmt_user->bindValue(':password', $hashedPassword);
$stmt_user->execute();
session_regenerate_id();
$member = $stmt_user->fetch();
$_SESSION['SESS_USER_ID'] = $member['user_id'];
session_write_close();
header("location: launch_member_account.php");
exit();
}catch(PDOException $e) {
echo $e->getMessage();
}
?>
推荐答案
该语句定义了一个名为:hashedPassword
的参数,但是bindValue()
调用使用了一个名为:password
的未知参数.
The statement defines a parameter called :hashedPassword
, but the bindValue()
call uses an unknown parameter called :password
.
$stmt_user = $conn->prepare("SELECT * FROM customer_info WHERE user_name = :user_name and password = :hashedPassword");
//---------------------------------------------------------------------------------------------------^^^^^^^^^^^^^^^^^
// Change this to match the statement.
$stmt_user->bindValue(':hashedPassword', $hashedPassword);
命名的参数无关紧要,只要它们匹配,最好使它们在整个应用程序中保持一致.
It doesn't matter what the parameters are named, as long as they match, so best to just make them consistent across your application.
这篇关于PDO错误“未定义参数".即使我已经定义并绑定了该参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!