I have two errors in my php script, the only weard thing is this is the exact code as my other scripts. thats the reason that i can't find the solutions.
我的PHP脚本中有两个错误,唯一的问题是这是我的其他脚本的确切代码。这就是我找不到解决方案的原因。
Can you help me to find the solution?
你能帮我找到解决方案吗?
Strict Standards: Only variables should be passed by reference in /home/joshua/domains/*********/public_html/panel/settings.php on line 130
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'insert = NULL, lastname = 'Hiwat', password = '$2a$13$nAJT6kLx8N5Hd0G8zQ4yheEOad' at line 1' in /home/joshua/domains/*********/public_html/panel/settings.php:216 Stack trace: #0 /home/joshua/domains/********/public_html/panel/settings.php(216): PDOStatement->execute() #1 {main} thrown in /home/joshua/domains/tubecreators.com/public_html/panel/settings.php on line 216
And here my code...
在这里我的代码......
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$errors = Array();
if(isset($_POST['name'])) {
if(trim($_POST['name']) != '') {
if(strlen(trim($_POST['name'])) < 2) {
$errors[] = 'De voornaam is te kort (2).';
}
}else{
$errors[] = 'De voornaam is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen voornaam meegestuurd.';
}
if(isset($_POST['password'])) {
if(trim($_POST['password']) != '' && strlen(trim($_POST['password'])) < 6) {
$errors[] = 'Het wachtwoord moet minimum 6 karakters bevatten. Kies zorgvuldig een veilig wachtwoord met (hoofd)letters, cijfers en eventueel symbolen. Indien je je wachtwoord verliest kan je contact opnemen met de ICT manager.';
}
}else{
$errors[] = 'Er is geen wachtwoord meegestuurd.';
}
if(isset($_POST['passwordrepeat'])) {
if(trim($_POST['passwordrepeat']) != trim($_POST['password'])) {
$errors[] = 'De opgegeven wachtwoorden zijn niet hetzelfde.';
}
}else{
$errors[] = 'Er is geen herhaald wachtwoord meegestuurd.';
}
if(isset($_POST['lastname'])) {
if(trim($_POST['lastname']) != '') {
if(strlen(trim($_POST['lastname'])) < 2) {
$errors[] = 'De achternaam is te kort (2).';
}
}else{
$errors[] = 'De achternaam is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen achternaam meegestuurd.';
}
if(isset($_POST['birth'])) {
if(trim($_POST['birth']) != '') {
if(strlen(trim($_POST['birth'])) < 2) {
$errors[] = 'De de geboortedatum is ongeldig (2).';
}
}else{
$errors[] = 'De geboortedatum is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen geboortedatum meegestuurd.';
}
if(isset($_POST['city'])) {
if(trim($_POST['city']) != '') {
if(strlen(trim($_POST['city'])) < 1) {
$errors[] = 'De stadsnaam is te kort (2).';
}
}else{
$errors[] = 'De stadsnaam is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen stadsnaam meegestuurd.';
}
if(isset($_POST['mail'])) {
if(trim($_POST['mail']) != '') {
if(filter_var(trim($_POST['mail']), FILTER_VALIDATE_EMAIL)) {
$checkexist = $dbh->prepare('SELECT COUNT(id) FROM users WHERE mail = :mail AND NOT id = :id');
$checkexist->bindParam(':mail', trim($_POST['mail']), PDO::PARAM_STR);
$checkexist->bindParam(':id', $user['id'], PDO::PARAM_INT);
$checkexist->execute();
if($checkexist->fetchColumn() > 0) {
$errors[] = 'Er is al een account met dit mailadres.';
}
}else{
$errors[] = 'De e-mail is ongeldig.';
}
}else{
$errors[] = 'De e-mail is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen e-mail meegestuurd.';
}
if(isset($_POST['youtube'])) {
if(trim($_POST['youtube']) != '') {
if(strlen(trim($_POST['youtube'])) < 6) {
$errors[] = 'De Youtube gebruikersnaam is te kort (6).';
}
}else{
$errors[] = 'De Youtube gebruikersnaam is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen Youtube gebruikersnaam meegestuurd.';
}
if(isset($_POST['about'])) {
if(trim($_POST['about']) != '') {
if(strlen(trim($_POST['about'])) < 20) {
$errors[] = 'Het stukje over jezelf is te kort (2).';
}
}else{
$errors[] = 'Het stukje over jezelf is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen stukje over jezelf meegestuurd.';
}
if(isset($_POST['category'])) {
if(trim($_POST['category']) != '') {
if(strlen(trim($_POST['category'])) < 1) {
$errors[] = 'De Youtube categorie is te kort (2).';
}
}else{
$errors[] = 'De Youtube categorie is leeg gelaten.';
}
}else{
$errors[] = 'Er is geen Youtube categorie meegestuurd.';
}
if(count($errors) == 0) {
$name = trim($_POST['name']);
$password = trim($_POST['password']);
if($password != '') {
$bcrypt = new Bcrypt($config['security']['passwordsafety']);
$passwordHashed = $bcrypt->hash($password);
}
$lastname = trim($_POST['lastname']);
$birth = trim($_POST['birth']);
$city = trim($_POST['city']);
$mail = trim($_POST['mail']);
$youtube = trim($_POST['youtube']);
$about = trim($_POST['about']);
$category = trim($_POST['category']);
$update = $dbh->prepare('UPDATE users SET name = :name, insert = :insert, lastname = :lastname, ' . (($password != '') ? 'password = :password, ' : '') . 'birth = :birth, country = :country, city = :city, mail = :mail, facebook = :facebook, twitter = :twitter, google = :google, instagram = :instagram, youtube = :youtube, pinterest = :pinterest, about = :about, category = :category WHERE id = :id');
$update->bindParam(':name', $name, PDO::PARAM_STR);
$update->bindParam(':insert', $insert, PDO::PARAM_STR);
$update->bindParam(':lastname', $lastname, PDO::PARAM_STR);
if($password != '') {
$update->bindParam(':password', $passwordHashed, PDO::PARAM_STR);
}
$update->bindParam(':birth', $birth, PDO::PARAM_STR);
$update->bindParam(':country', $country, PDO::PARAM_STR);
$update->bindParam(':city', $city, PDO::PARAM_STR);
$update->bindParam(':mail', $mail, PDO::PARAM_STR);
$update->bindParam(':facebook', $facebook, PDO::PARAM_STR);
$update->bindParam(':twitter', $twitter, PDO::PARAM_STR);
$update->bindParam(':google', $google, PDO::PARAM_STR);
$update->bindParam(':instagram', $instagram, PDO::PARAM_STR);
$update->bindParam(':youtube', $youtube, PDO::PARAM_STR);
$update->bindParam(':pinterest', $pinterest, PDO::PARAM_STR);
$update->bindParam(':about', $about, PDO::PARAM_STR);
$update->bindParam(':category', $category, PDO::PARAM_STR);
$update->bindParam(':id', $user['id'], PDO::PARAM_INT);
$update->execute();
addlog('Account gewijzigd', $user['id']);
echo '<font color="gree">De gebruiker is succesvol gewijzigd.</font><meta http-equiv="refresh" content="1;url=http://panel.tubecreators.com/instellingen">';
$edited = true;
}else{
echo '<font color="red">Er ging wat mis. De volgende dingen gingen fout:<ul><li>' . join('</li><li>', $errors) . '</li></ul>De gebruiker is nniet gewijzigd.</font>';
}
}
if(!isset($edited)) {
?>
1 个解决方案
#1
insert is a reserved MySQL keyword. You need to quote it in backticks like `insert`. You should get used to doing this for all table and column names.
insert是一个保留的MySQL关键字。你需要在像`insert`这样的反引号中引用它。您应该习惯为所有表名和列名执行此操作。
Only variables should be passed by reference means exactly what it says. It is expecting a reference, therefore a variable must be passed to it. I can update this once you point me to line 130 of panel/settings.php.
只有变量应该通过引用传递它所说的内容。它期待引用,因此必须将变量传递给它。一旦你指向panel / settings.php的第130行,我就可以更新这个。
My assumption is the error is generated by bind_param which requires a reference. The one line of code I see that would certainly generate this warning is:
我的假设是bind_param生成错误,需要引用。我看到的一行代码肯定会产生这个警告:
$checkexist->bindParam(':mail', trim($_POST['mail']), PDO::PARAM_STR);
Here you are passing a return value instead of a variable. You could do this:
在这里,您传递的是返回值而不是变量。你可以这样做:
$trimMail = trim($_POST['mail'])
$checkexist->bindParam(':mail', $trimMail, PDO::PARAM_STR);
#1
insert is a reserved MySQL keyword. You need to quote it in backticks like `insert`. You should get used to doing this for all table and column names.
insert是一个保留的MySQL关键字。你需要在像`insert`这样的反引号中引用它。您应该习惯为所有表名和列名执行此操作。
Only variables should be passed by reference means exactly what it says. It is expecting a reference, therefore a variable must be passed to it. I can update this once you point me to line 130 of panel/settings.php.
只有变量应该通过引用传递它所说的内容。它期待引用,因此必须将变量传递给它。一旦你指向panel / settings.php的第130行,我就可以更新这个。
My assumption is the error is generated by bind_param which requires a reference. The one line of code I see that would certainly generate this warning is:
我的假设是bind_param生成错误,需要引用。我看到的一行代码肯定会产生这个警告:
$checkexist->bindParam(':mail', trim($_POST['mail']), PDO::PARAM_STR);
Here you are passing a return value instead of a variable. You could do this:
在这里,您传递的是返回值而不是变量。你可以这样做:
$trimMail = trim($_POST['mail'])
$checkexist->bindParam(':mail', $trimMail, PDO::PARAM_STR);