问题
First, I use a MySQL POO API, there is the important part :
public function query($query,$params = null,$fetchmode = PDO::FETCH_ASSOC)
{
$query = trim($query);
$this->Init($query,$params);
if (stripos($query, 'select') === 0){
return $this->sQuery->fetchAll($fetchmode);
}
elseif (stripos($query, 'insert') === 0 || stripos($query, 'update') === 0 || stripos($query, 'delete') === 0) {
return $this->sQuery->rowCount();
}
else {
return NULL;
}
}
_
This API has a loging and showing Class to save and show the SQL error, there is my error :
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? WHERE firstname = ? AND age = ? ?' at line 1
Raw SQL : SELECT * FROM users WHERE id = :iduser
After this I found the SQL included, there is the function and the code who are using this function :
function get_member_informations($id)
{
global $bdd;
$dn = $bdd->query("SELECT * FROM users WHERE id = :iduser", array("iduser" => $id));
$dn[0]['avatar'] = base64_decode($dn[0]['avatar']);
return $dn;
}
And the code who use this function :
$profil = $bdd->query("SELECT * FROM users WHERE username = :username", array("username"=>$username));
$id = $profil[0]['id'];
$profile = get_member_informations($id);
I know it's a mysql and php issue, so to check if it was not the $id the cause of the error, i made a print_r on it but all was working as well. I don't know how to fix this, any help would be appreciated
回答1:
I'm the second dev working on it. After checking, the class was reporting the bad Raw SQL, i've fixed that and after checking, it's a :
FROM :table
"table"=> $this->table
Correcting it, thank to all of you, sorry for incoveniance. @dleiftah ==> Thanks for the great answers ;)
来源:https://stackoverflow.com/questions/19816838/php-sql-syntax-error-using-bind-parameters