php 调用未定义的方法 PDO::execute()
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23371118/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Call to undefined method PDO::execute()
提问by user3531649
i'm trying to code a page login but i was stopper at this error
我正在尝试对页面登录进行编码,但我被这个错误阻止了
pliz tell me the wrong thing here
请告诉我这里的错误
<?php
@session_start();
include("../../connexion/connexion.php");
class login_class {
public $user;
public $password;
public $connexion;
public function check_login() {
try {
$cn = new class_connect();
$this->connexion = $cn->connect(null);
$result = $this->connexion->execute("select * from user where username='$this->user' and password='$this->password'");
$data = $result->fetchAll(PDO::FETCH_OBJ);
if (!empty($data[0]->id_user)) {
return true;
}else {
return false;
}
}catch(PDOException $ex) {
echo $ex->getMessage();
}
}
public function __construct($user) {
if($user){
$this->user = $user["username"];
$this->password = $user["password"];
}
}
}
?>
回答by Marc B
->execute()is for prepared statements. e.g.
->execute()用于准备好的语句。例如
$stmt = $dbh->prepare('some query here');
$stmt->execute();
You're trying to execute a query directly on the main DB object. For PDO, that means
您正在尝试直接在主数据库对象上执行查询。对于 PDO,这意味着
$dbh->exec('query goes here');
You really should look into prepared statements. You're vulnerable to SQL injection attacksas is, and since you're using PDO to begin with, it's basically unforgivable to NOT be writing safe queries.
你真的应该看看准备好的语句。您很容易受到SQL 注入攻击,而且由于您开始使用 PDO,因此不编写安全查询基本上是不可原谅的。
