我有一个页面用于为程序添加新用户。当点击创建按钮时,通过POST将信息发送到我的php脚本来运行某些登录,加密密码并使用预准备语句将数据插入到MySQL中。但是,我不断收到以下错误,但不知道为什么:MySQL/PHP准备好的语句插入错误
准备失败:(1064)您的SQL语法错误;检查对应于你的MySQL服务器版本的在线使用近“” 1
我的脚本正确的语法手册:
<?php
include("inc.php");
if ((isset($_POST['firstname'])) and (isset($_POST['lastname'])) and (isset($_POST['company'])) and (isset($_POST['statusflag'])) and (isset($_POST['username'])) and (isset($_POST['password'])) and (isset($_POST['passwordConfirm']))) {
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$company = $_POST['company'];
$department = $_POST['department'];
$statusflag = $_POST['statusflag'];
$admin = $_POST['admin'];
$revoked = $_POST['revoked'];
$login = $_POST['username'];
$pass = $_POST['password'];
$passConfirm = $_POST['passwordConfirm'];
} else {
echo "Values did not save. Please try again.";
}
if ($pass == $passConfirm) {
$passEnc = password_hash($pass, PASSWORD_DEFAULT);
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_errno) {
echo "There was a problem connecting to MySQL: (" . $conn->connect_errno . ") " . $conn->connect_error;
}
if (!($sql = $conn->prepare("INSERT INTO sched_users(login, password, firstname, lastname, email, phone, company, department, admin, statusflag, revoked) VALUES (?,?,?,?,?,?,?,?,?,?,?"))) {
echo "Prepare failed: (" . $conn->errno . ") " . $conn->error;
}
if (!$sql->bind_param("sssssssiiss", $login, $passEnc, $firstname, $lastname, $email, $phone, $company, $department, $admin, $statusflag, $revoked)) {
echo "Binding parameters failed: (" . $sql->errno . ") " . $sql->error;
}
if (!$sql->execute()) {
echo "Execute failed: (" . $sql->errno . ") " . $sql->error;
}
$sql->close();
$conn->close();
} else {
echo "Passwords don't match. Please try again.";
}
?>
我的表具有完全相同的列中,除了相同的顺序第一列(id)是自动递增的主键。该列不应该包含在插入中,因为MySQL将在其末尾处理自动增量。
所有帮助表示赞赏。
谢谢!
')'在错误的地方/失踪。 –
@JonStirling他只是想念它。他用括号将他的条件分组。 – Daerik
@Daerik发现和更新的评论:) –