我一直在尝试提取$user等于我的sql数据库中订户ID的所有信息。我正在使用PDO方法来插入数据,并希望也使用查询功能。我从我的尝试条件中收到以下错误消息。
致命错误:在非对象上调用成员函数 setFetchMode()
我已经考虑过问题可能是由我用来提取数据的方法引起的,因为 PDO 对我来说相当新。(我包括一个顶部.php建立数据库的链接)
感谢您的建议
<?php
include "top.php";
try{
$user = $_SESSION['login'];
echo "Welcome <strong>$user</strong> to your saved holidays";
//$getSavedHolidays = $db->query("SELECT * FROM saved_holidays WHERE subscriberID='$user'");
//preparing a PDO statment for accessing saved holidays when the logged in user matchs the subscriberID
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$getSavedHolidays = $db->prepare("SELECT * FROM saved_holidays WHERE subscriberID=:user");
//uses a bind valu as this makes the statment more secure
$getSavedHolidays->bindValue(":user", $_SESSION['login']);
$getsavedHolidays->setFetchMode(PDO::FETCH_ASSOC);
$getSavedHolidays->execute();
foreach ($Result as $row)
{
echo "<p><a href'".$row['link']."'>".$row['title']."</a><br '>" .
$row['description'] . "<br '>" .
$row['pubDate'] ."<br '></p>";
}
}
catch (PDOException $e)
{
print_r($e->errorInfo);
die();
}
?>
你应该准备你的陈述。它有一个很好的额外好处,那就是更安全,而且它将解决您的问题。
$user = $_SESSION['login'];
try {
$db = new PDO("mysql:host=localhost;dbname=database", "user", "pass");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$getSavedHolidays = $db->prepare("SELECT * FROM saved_holidays WHERE subscriberID=:user");
$getSavedHolidays->bindValue(":user", $_SESSION['login']);
$getSavedHolidays->setFetchMode(PDO::FETCH_ASSOC);
$getSavedHolidays->execute();
$Result = $getSavedHolidays->fetchAll();
foreach ($Result as $row) {/*...*/}
}
catch (PDOException $e) {
print_r($e->errorInfo);
die();
}
编辑
您在上面粘贴的代码中有一个错误:
$$getSavedHolidays = $db->prepare("SELECT * FROM saved_holidays WHERE subscriberID=:user");
应该是
$getSavedHolidays = $db->prepare("SELECT * FROM saved_holidays WHERE subscriberID=:user");
存在显式语法错误。 沉思结束单引号:
$getSavedHolidays = $db->query("SELECT * FROM saved_holidays WHERE subscriberID='$user'");
顺便说一下,由于您使用的是PDO,因此使用bindValue函数将值传递给SQL请求更安全。