SQLSTATE [42000]:语法错误或访问冲突-PDO"GRANT"准备好的陈述 [英] SQLSTATE[42000]: Syntax error or access violation - PDO "GRANT" prepared statement

查看:96
本文介绍了SQLSTATE [42000]:语法错误或访问冲突-PDO"GRANT"准备好的陈述的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用PDO创建准备好的语句,这将允许我使用从表单收集的数据创建mysql用户. 但是,当我运行命令时,出现错误:

I am trying to create a prepared statement using PDO that will allow me to create mysql users using data collected from a form. When i run the command though, i get the error:

SQLSTATE [42000]:语法错误或访问冲突:1064您的SQL语法有一个错误;请参阅第1914页的"SQLSTATE错误".检查与您的MySQL服务器版本对应的手册以获取正确的语法,以在第1行的``select'ON'testjoke.authors'TO'corey'@'localhost''附近使用

SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''select' ON 'testjoke.authors' TO 'corey'@'localhost'' at line 1

我目前仅使用我为测试而创建的一些变量中的数据,而不是表单中的数据. 代码如下:

I am currently just using data from some variables i created for testing, instead of data from the form. The code looks like this:

$grantQuery = $db->prepare("GRANT ? ON ? TO ?@'localhost';");

    $select = 'select';
    $testjoke = 'testjoke.authors';
    $pdoemail = 'corey';

    $grantQuery ->execute(array(
                                $select,
                                $testjoke,
                    $pdoemail
                ));

我已经启用了Mysql常规日志记录,并且查询甚至从未在其上显示(从未执行过).

I have enabled Mysql general logging, and the query never even shows up on it (never executed).

几天来我一直在寻找解决办法,但是我没有运气.

I have been trying to find a fix for this for a couple of days now, but i am having no luck.

任何帮助将不胜感激.

谢谢 科里

推荐答案

就像无法编写SELECT ? FROM ?一样,也不能将GRANT划分为准备好的查询.

Just as you cannot write SELECT ? FROM ?, neither can you divide GRANT into a prepared query.

准备的查询值只能是值.出于安全考虑,您不能传递关键字.在您的情况下,可能起作用的唯一参数是用户名,因为它是字符串.

Prepared query values can only be values. For safety reasons among many others, you cannot pass in keywords. The only parameter that might work in your case is the username, as that is a string.

PDO尝试运行:

GRANT 'select' ON 'testjoke.authors' TO 'cory':'localhost';

我希望您能明白为什么这行不通.

You can see why this won't work, I hope.

这篇关于SQLSTATE [42000]:语法错误或访问冲突-PDO"GRANT"准备好的陈述的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆