I've written a php function that allows you to update any entry in any table with any string values (one or multiple). PDO does not throw any errors, though the script does not seem to work! I've checked the name of the database, tables and fields multiple times. It's all correct. This is the only query in my functions that does not work. I believe it has something to do with the array im passing in to the SQL statement and the PDO->bindParam() function.
我编写了一个php函数,允许您使用任何字符串值(一个或多个)更新任何表中的任何条目。虽然脚本似乎不起作用,PDO不会抛出任何错误!我已多次检查数据库,表和字段的名称。这一切都是正确的。这是我的函数中唯一不起作用的查询。我相信它与传入SQL语句和PDO-> bindParam()函数的数组有关。
Code:
public function updateTableDetail($table, $id, $params) {
include($this->doc_root . 'config/config.php');
if (is_array($params)) {
foreach ($params as $param) {
$param = Utilities::escapeString($param);
}
} else {
throw new InvalidInputException(InputErrors::NOTANARRAY);
}
if (is_nan($id)) throw new InvalidInputException(InputErrors::NOTANUMBER);
$table = Utilities::escapeString($table);
$sql = "UPDATE " . $table . "
SET " . $config['table_field_updated'] . " = :updated";
while (current($params)) {
$sql .= "," . key($params) . " = :" . key($params);
next($params);
}
reset($params);
$sql .= " WHERE id = :id
AND " . $config['userId'] . " = :userId";
if ($this->serverConnector == null) {
$this->serverConnector = new ServerConnector();
}
if ($this->db == null) {
$this->db = $this->serverConnector->openConnectionOnUserDb($this->dbname);
}
$stmt = $this->db->prepare($sql);
$updated = date("Y-m-d H:i:s");
$stmt->bindParam(':updated',$updated);
$stmt->bindParam(':id',$id);
$stmt->bindParam(':userId',$this->userId);
while ($param = current($params)) {
$stmt->bindParam(":".key($params),$param);
next($params);
}
reset($params);
$stmt->execute();
}
EDIT: Don't worry about the include statement, the $config[]-array and the class-variables. It's all working aswell. Tested their values already.
编辑:不要担心include语句,$ config [] - 数组和类变量。这一切都在起作用。已经测试过它们的值。
1 个解决方案
#1
0
Change this part:
改变这一部分:
while ($param = current($params)) {
$stmt->bindParam(":".key($params),$param);
next($params);
}
To:
foreach($params as $key => &value){
$stmt->bindParam(":$key",$value);
}
Because according to PHP Manual: PDOStatement::bindParam
因为根据PHP手册:PDOStatement :: bindParam
Binds a PHP variable to a corresponding named or question mark placeholder in the SQL statement that was use to prepare the statement. Unlike PDOStatement::bindValue(), the variable is bound as a reference and will only be evaluated at the time that PDOStatement::execute() is called.
将PHP变量绑定到用于准备语句的SQL语句中的相应命名或问号占位符。与PDOStatement :: bindValue()不同,变量被绑定为引用,并且仅在调用PDOStatement :: execute()时进行计算。
#1
0
Change this part:
改变这一部分:
while ($param = current($params)) {
$stmt->bindParam(":".key($params),$param);
next($params);
}
To:
foreach($params as $key => &value){
$stmt->bindParam(":$key",$value);
}
Because according to PHP Manual: PDOStatement::bindParam
因为根据PHP手册:PDOStatement :: bindParam
Binds a PHP variable to a corresponding named or question mark placeholder in the SQL statement that was use to prepare the statement. Unlike PDOStatement::bindValue(), the variable is bound as a reference and will only be evaluated at the time that PDOStatement::execute() is called.
将PHP变量绑定到用于准备语句的SQL语句中的相应命名或问号占位符。与PDOStatement :: bindValue()不同,变量被绑定为引用,并且仅在调用PDOStatement :: execute()时进行计算。