0

I use PDO to execute sql

"INSERT INTO zhushou_cost_uid
(uid,imei,wmac,imsi,channel,supplier,uuid,brand,device_model,os,os_version,app_version,promotion_method,log_source,takeup_date)
 VALUES
('863207010118070','863207010118070','02037ff459cb','460025323359694','sc-hjcx_ins_cgq','','�ܟ*c�1�]�y�.���#���h���!�o ��z�!Y�~��t8�KOd�xd]���sm����n%$����H����[?�p���M����','KINGSUN','KINGSUN S6','Android','4.1.2','3.2','','1','2015-11-29 03:21:21')",

PHP code:

$db = $this->getWritableDB();
$stmt = $db->prepare($sql);
$exec = $stmt->execute();

the data of uuid is dirty data, and in our log it is

"uuid":"�ܟ*c�1�]�y�.���#��\u0015�h\u001a���!\u001c�\u0013o �\u0013�z�\u0000!Y�~��t8�KOd�xd]�\u0001��sm\u0016����\u0001n\u0013%$����H����[\u0003?�p���M��\u001a��"

I got the result

SQLSTATE[HY093]: Invalid parameter number: no parameters were bound.

When I try to copy the sql onto the terminator, exiting the mysql login status. I think there is something wrong in uuid. But I can not figure out it. Can anyone help me? Thank you very much!

enter image description here

Improve this question
4
  • 2
    Copy the SQL to the terminator which leads to exit mysql login status, I am so confused. Commented Dec 8, 2015 at 8:30
  • 2
    Please post your php code. Possible duplicate of stackoverflow.com/questions/20436745/… Commented Dec 8, 2015 at 8:35
  • Our php code likes this(the SQL is in my question): $db = $this->getWritableDB(); $stmt = $db->prepare($sql); $exec = $stmt->execute(); Commented Dec 8, 2015 at 8:48
  • Update your question with that code, don't leave it in a comment. Commented Dec 8, 2015 at 8:50

1 Answer 1

Reset to default
5 
$stmt = $db->prepare($sql);

Since you're preparing your statement, if there's anything in it that can be interpreted as a question mark or colon, it will be taken as a placeholder and you're expected to then pass values for it in the execute step. Since this is not actually what you're intending, don't prepare the statement if you don't intend to have placeholders in it. Instead:

$db->exec($sql);

Having said that, it's suspicious that you're passing a fully formed SQL query in $sql; perhaps you should be rewriting this whole thing so you do have actual placeholders in your query and are passing the actual values separately to execute.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I tried what you said, the SQL executed successfully, thanks very much.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.