P粉773659687 2023-08-08 12:34:18 0 1 150
function confirmUserID($session_id, $userid) {
/* Verify that user is in database */
$query = "SELECT session_id FROM user_sessions WHERE session_id = '$session_id' AND userid = '$userid'";
$stmt = $this->db->prepare($query);
$stmt->execute(array(':userid' => $userid, ':sessionid' => $session_id)); // Error message indicates it is coming from here
$count = $stmt->rowCount();
if (!$stmt || $count < 1) {
return 1; // Indicates username failure
}
$dbarray = $stmt->fetch();
/* Validate that userid is correct */
if ($session_id == $dbarray['session_id']) {
return 0; // Success! Username and userid confirmed
} else {
return 2; // Indicates userid invalid
}
}
我一直收到这个错误信息。
Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in C:xampphtdocstintoadminincludesSession.php:129 Stack trace: #0 C:xampphtdocstintoadminincludesSession.php(129): PDOStatement->execute(Array) #1
function confirmUserID($session_id, $userid) {
/* Verify that user is in database */
$query = "SELECT session_id FROM user_sessions WHERE session_id = '$session_id' AND userid = '$userid'";
$stmt = $this->db->prepare($query);
$stmt = array(':userid' => $userid, ':sessionid' => $session_id); // Error message indicates it is coming from here
$stmt->execute();
$count = $stmt->rowCount();
if (!$stmt || $count < 1) {
return 1; // Indicates username failure
}
$dbarray = $stmt->fetch();
/* Validate that userid is correct */
if ($session_id == $dbarray['session_id']) {
return 0; // Success! Username and userid confirmed
} else {
return 2; // Indicates userid invalid
}
}
给出了更多的错误提示
P粉794851975 采纳为最佳 2023-08-09 12:14:12 1楼
您应该在占位符之前添加冒号(:),并避免将$userID和$sessionID变量与查询进行拼接。
$stmt = $pdo->prepare("SELECT session_id FROM user_sessions WHERE session_id = :session_id AND userid = :userid"); $stmt->execute(['session_id' => $session_id, 'userid' => $userid]); $user = $stmt->fetch(); 赞 +0 添加回复