无法通过php PDO插入SQLite数据库 [英] Cannot insert into SQLite database through php PDO

问题描述

请帮助看看有什么问题....(我测试数据库连接是否正常)

Pls help see what is wrong.... (I test the db connection is fine)

<?php
$user_name=$_POST['user_name'];
$password=$_POST['password'];

$dbh=new PDO('sqlite:./db/user.db') or die("fail to connect db");

try{
 $stmt = $dbh->prepare("INSERT INTO user_info VALUES (?, ?)");
 $stmt->bindParam(1, $a);
 $stmt->bindParam(2, $b);
 $a=$user_name;
 $b=$password;
 $stmt->execute();
}
catch(PDOException $e) {echo $e->getMessage();}

?>

推荐答案

在评论中与@DerrickCoetzee讨论之后，我有时间重新考虑这个答案.事实是，答案实际上可能是在某些服务器上解决此问题的唯一方法.我曾建议授予对数据库的通用写访问权限，这显然是不安全的.我发现，为什么那是我唯一的解决方案，原因是我的服务器已禁用php的写访问权限. php无法创建新文件，并且我无法在没有root用户访问权限的情况下将数据库所有者更改为apache或"nobody"，这使更好的解决方案成为不可能.

I have had time to reconsider this answer after discussion with @DerrickCoetzee in the comments. The truth is, the answer may in fact be the only way to fix this problem on some servers. I had suggested to give universal write access to the database, which is admittedly unsafe. The reason, I have found, why that was the only solution I could have is that my server has disabled write access for php. php is incapable of making new files, and I am unable to change the owner of the database to apache or "nobody" without root access, which makes a better solution impossible.

从本质上讲，我的服务器已锁定php，以便只有在所有人可以写入的情况下它才能写入.在我看来，这是一个错误的服务器设置，导致了这种安全风险，并且正如@Derrick所建议的，sqlite db应该只能用于私有用途或仅用于服务器访问.某些系统未设置为安全地利用此 .如果您发现php没有写访问权限，并且没有对该计算机的root访问权限，则应考虑与系统管理员联系，或者在可用的情况下切换到MySQL.

Essentially, my server has locked down php such that it can only write if everyone can write. In my opinion, this is a bad server setup, which led to this security risk and as @Derrick suggests, an sqlite db should probably only be used for private use or server-access-only. Some systems are not setup to take advantage of this safely. If you find php has no write access and you do not have root access to the machine, you should consider contacting your system administrator or switch to MySQL if it's available.

话虽如此，当数据库不敏感或只有少数特定人群知道时，我发现以下解决方案非常适合快速原型解决方案.

That being said, I find the following solution very handy for quick, prototyping solutions, when the db is not sensitive, or will only be known about by a small select group of people.

我今天也遇到了同样的问题！我对php和sqlite还是很陌生，但是一直很忙.突然间，由于问题海报所描述的没有插入到我的sqlite数据库中，我遇到了巨大的障碍(一天都没有进展).此处的区别因素是没有错误消息或异常，如果将execute语句放入if子句中，则仅返回false.

I had this exact same problem today! I am pretty new to php and sqlite, but was chugging along. All of a sudden I hit this massive roadblock (no progress for a day) from lack of insert into my sqlite database as described by the question poster. The distinguishing factor here is that there is no error message or exception, only the return of false if you put the execute statement into an if clause.

因此，我终于能够找到一种使插入工作的方法，但是我不确定100％是否安全.如果您认为有更好的方法，我将不胜感激.

So, I was finally able to figure out a way to get insertion to work, but I am not 100% certain if it is safe or not. I'd appreciate any comments if you think there's a better way.

主要问题是您试图让用户写入文件系统上的文件.但是，默认情况下，文件夹和文档仅对外部用户具有读取权限.因此，您需要同时授予数据库(user.db)及其文件夹(./db)可写访问权.

The main problem is that you are trying to let your users write to a file on your file system. However, by default folders and documents only have read access for outsiders. Therefore, you need to give both your database (user.db) and it's folder (./db) writable access others.

因此，您需要进入目录并输入:

So, you need to go the directory and type in:

chmod 777 ./db
chmod 766 ./db/user.db

那为我解决了这个问题，所以我希望它也对您有所帮助.我不知道是否有更好的方法，但这似乎很合逻辑.

That fixed this problem for me, so I hope it helps you out, too. I don't know if there is a better way or not, but it seems rather logical.

这篇关于无法通过php PDO插入SQLite数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！