我有一個函數,它在語法問題上拋出了一個不尋常的錯誤。看一看。PHP PDO語句引發致命錯誤
public static function authenticate($_user, $_pass)
{
$sql = 'SELECT password, key
FROM users
WHERE username = ' . $_user;
$stm = Db::init()->prepare($sql);
if ($stm->execute())
return $stm->fetch(PDO::FETCH_ASSOC);
}
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key FROM users WHERE username = testuser1' at line 1' in /class.php:111
Stack trace:
#0 /class.php(111): PDOStatement->execute()
#1 /class.php(118): Password::authenticate('testuser1', 'test')
#2 {main} thrown in /class.php on line 111
任何想法,這是什麼意思?
啊,還有。我顯然太新學校了。我遇到以下情況:'致命錯誤:帶有消息'SQLSTATE [42S22]的未捕獲異常'PDOException':未找到列:1054 /class.php:111中'where子句'中未知列'testuser1'堆棧跟蹤:#0 /class.php(111):PDOStatement-> execute()#1 /class.php(118):Password :: authenticate('testuser1','test')#class {2} 111' – grep
這是因爲'$ _user'周圍沒有引號。 – Asaph
@Asaph:我不明白爲什麼這很重要? – grep