PDO SELECT錯誤處理

Question

嗨我試圖確保當用戶登錄到網站，他們是一個用戶。使用MYSQL很容易，但我必須使用PDO，並且我正在努力研究如何讓它拋出錯誤消息並且不讓用戶登錄。

我已經在下面包含了PHP select語句。

$sql = "SELECT C.cid,C.first_name,C.sirname, S.sid 
     FROM CUSTOMER as C, 
       STAFF as S 
     WHERE C.email_address='".$email_address."' 
      AND C.password='".$password."' 
      AND S.CUSTOMER_CID=C.cid"; 

$runsql = static::db(); 
$runsql->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION); 
//self::get()->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
try { 
    foreach ($runsql->query($sql) as $row) { 
     /*if ($result = $runsql->prepare("SELECT C.cid,C.first_name,C.sirname, S.sid FROM CUSTOMER as C, STAFF as S WHERE C.email_address='".$email_address."' AND C.password='".$password."' AND S.CUSTOMER_CID =C.cid")) { 
     */ 
     //print_r($runsql); 
     //Check to make sure the user is on the staff list. 
     $_SESSION['customer_id'] = $row->cid; 
     $_SESSION['first_name'] = $row->first_name; 
     $_SESSION['last_name'] = $row->sirname; 
     $_SESSION['sid'] = $row->sid; 
     $_SESSION['logged_in'] = true; 
    } 
} catch(PDOException $e) { 
    /* If PDO fails we handle it here */ 
    echo "Your query failed: " . $e->getMessage(); 
} 

Answer 1

首先，你必須明白，如果沒有找到用戶，這不是一個錯誤。它從來沒有如此舊的MySQL分機，也沒有與PDO。你必須檢查的不是一個錯誤，而是你的查詢是否返回任何東西。

爲此，您只需要撥打一個電話fetch()。

$sql = "SELECT C.cid,C.first_name,C.sirname, S.sid 
     FROM CUSTOMER as C, STAFF as S 
     WHERE C.email_address=? AND C.password=? 
     AND S.CUSTOMER_CID=C.cid"; 
$stmt = static::db()->prepare($sql); 
$stmt->execute([$email_address,$password]); 
$row = $stmt->fetch(PDO::FETCH_OBJ); 

if ($row) 
{ 
     $_SESSION['customer_id'] = $row->cid; 
     $_SESSION['first_name'] = $row->first_name; 
     $_SESSION['last_name'] = $row->sirname; 
     $_SESSION['sid'] = $row->sid; 
     $_SESSION['logged_in'] = true; 
} else { 
    echo "wrong credentials"; 
} 

請注意，您必須設置ATTR_ERRMODE右後連接並不會改變它。

雖然真正的錯誤處理是一個不同的問題，它通常與PDO無關，並且必須對整個站點都是相同的。