I have successfully made my symfony app connect to a MSSQL database using realestateconz/mssql-bundle and Free TDS.
My problem is that when I try to execute a stored procedure, that procedure throws an exception if something goes wrong, but PDO reports nothing back.
If I do the same thing using mssql_* functions I get a warning with the correct error message from MSSQL.
What is PDO doing differently?
Here are the two samples of code;
//PDO Version
try {
$conn = new PDO($dsn, $user, $pass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
var_dump($e->getMessage());
die;
}
$stmt = $conn->prepare("INSERT INTO importex_parteneri (id_importex, cif_cnp, denumire) VALUES (1, 9671891, 'Nexus Media')");
$result = $stmt->execute();
var_dump($result); //true
$stmt = $conn->prepare("exec dbo.importex_parteneri_exec 1");
$result = $stmt->execute();
var_dump($result); //true
The mssql_* example
$connection = mssql_connect($server, $user , $pass);
mssql_select_db($nexus_bazadate, $connection);
$result = mssql_query("INSERT INTO importex_parteneri (id_importex, cif_cnp, denumire) VALUES (1, 9671891, 'Nexus Media')");
var_dump($result);
$result = mssql_query("exec dbo.importex_parteneri_exec 1");
var_dump($result);
/*
* The output is
*
* bool(true)
PHP Warning: mssql_query(): message: Error 50000, Level 16, State 1, Procedure importex_parteneri_exec, Line 181, Message: PRT012 - Eroare import par9671891 (severity 16) in /home/vagrant/cv.dev/web/test.php on line 19
PHP Warning: mssql_query(): General SQL Server error: Check messages from the SQL Server (severity 16) in /home/vagrant/cv.dev/web/test.php on line 19
bool(true)
*/
SOLUTION
I ended up adding a wraper around PDO::execute function function
execute(\PDOStatement $stmt, array $params = array())
{
$result = $stmt->execute($params);
$err = $stmt->errorInfo();
switch ($err[0]) {
case '00000':
case '01000':
return true;
default:
//case HY000
return false;
}
}
I may be wrong but I don't recall seeing a native way to handle SQL warnings in PDO in a somehow automated way. According to a user comment you can test manually for the SQLSTATE error code and it'll be:
'00000' (success)
'01000' (success with warning)
If it actually works, it's of course annoying to do by hand. If you have a custom layer on top of PDO you can always do it in your custom exec method.
Related
I am trying to read an mdb file with PDO but I get "segmentation fault" error.
So far now what I did:
- installed php-odbc driver
- set correctly "/etc/odbcinst.ini" file
- connected to mdb file with PDO
- read some tables.
I can read some data from the mdb file without errors, but I do not know why sometimes I get "segmentation fault" error.
try {
$db = storage_path("import/mdb/" . $this->argument('file'));
if(!file_exists($db)) {
die('Error finding access database');
}
// Connection to ms access
$conn = new \PDO("odbc:Driver=MDBTools;DBQ=$db", "", "");
$sql = "SELECT * FROM Table";
$stmt = $conn->prepare($sql);
$stmt->execute(); // IT WORKS
$results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$sql = "SELECT * FROM Table_1";
$stmt = $conn->prepare($sql);
$stmt->execute(); // IT DOES NOT WORK
$results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
} catch (\Exception $e) {}
I'm running through a tutorial where it uses MySQLi but instead I'm using PDO and I have been trying to pin the issue to why I am getting this error:
Fatal error: Call to a member function errorInfo() on string in D:\Program Files (x86)\xampp\htdocs\repos\bla\web\inboxPage.php on line 34
Here is where I am trying to call the errorInfo(), I had previously used mysql_error(); as per tutorial, but this also threw the same error. Before using errorInfo() I was looking around to see if there was a PDO equivelant to mysql_error() which lead me to what you see below - Me thinking it would work. But it didn't.
Tutorials example:
$query = "SELECT id, sender, subject, message FROM messages WHERE reciever='$user'";
$sqlinbox = mysql_query($query);
if(!$sqlinbox)
{
?>
<p><?php print '$query: '.$query.mysql_error();?></p>
<?php
}
My Example:
$sql = 'SELECT id, Sender, Subject, Message FROM privatemessages WHERE Receiver = :receiver';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':receiver', $user);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result){
?>
<p><?php print '$sql: '.$sql.errorInfo(); ?></p>
<?php
}
Here is my connection to the database:
$servername = 'localhost';
$user = 'root';
$pass = '';
$database = 'tutor_database';
try {
$conn = new PDO("mysql:host=$servername;dbname=$database", $user, $pass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $e){
echo "Connection failed: " . $e->getMessage();
}
In addition, I did try the first example from the PHP Manual website -> http://php.net/manual/en/pdostatement.errorinfo.php and found that doing so gave me:
PDO::errorInfo():
Notice: Array to string conversion in D:\Program Files (x86)\xampp\htdocs\repos\bla\web\inboxPage.php on line 37
$sql: Array
...instead.
Would appreciate some help on this as I'm clearly failing to see what is happening. Thanks in advance.
In PDO a completely different method for the error reporting have to be used. In short, PDO will report its errors already, without the need to write any code.
So just take out the error reporting part, leaving only
$sql = 'SELECT id, Sender, Subject, Message FROM privatemessages WHERE Receiver = :receiver';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':receiver', $user);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
that's all you need.
Hey Everyone it has been awhile wince I've worked with try/catch blocks but I would like to start using them again just for purpose of error handling and proper practices. My code is below,
$email_code = $_REQUEST['code']; //retrive the code from the user clicked link in the email
//database information
$dsn = 'mysql:host=localhost;dbname=primarydb';
$username = 'root';
$password = '';
try {
//option for PDO allows for prepared SQL statements that will mazimize the prevention of sql injections and malicious attacks on the server and databases
$conn = new PDO($dsn, $username, $password); //establish the connection
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); //disable the php parse from parsing the statements.
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); //allow error mode to be active in order to display any errors which may open up holes to attacks
//if the connection fails the try/catch block will pick it up
if (!$conn) {
throw new PDOException('Fatal error on connection');
} else {
//prepare and exexcute the query to match the codes up
$stmt = $conn->prepare("SELECT email_code, active from primarydb.user WHERE email_code = ?");
$stmt->bindParam(1, $email_code, PDO::PARAM_STR, 32);
//check to make sure that the statment executes properly
if (!$stmt->execute()){
throw new PDOException("PDO ERROR ON EXECUTION:\n" . $stmt->errorInfo());
} else { //statement has not failed
//get the row count
$count = $stmt->rowCount();
//traverse the results
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
//there can only be one!
if ($count != 1 || $row['active'] != 0) {
//generate error message
throw new PDOException("Wrong Code");
} else {
echo "working";
//prepare the update statement
$stmt = $conn->prepare("UPDATE primarydb.user SET active = ? WHERE email_code = ?");
$stmt->brindParam(1, 1, PDO::PARAM_INT);
$stmt->bindParam(2, $email_code, PDO::PARAM_STR, 32);
if (!$stmt->execute()) {
throw new PDOException("We're sorry but we can not update your profile at this time, plesae try again later. If this problem persists please contact customer service.");
} else {
print "Your account has now been activated and it is ready to use!";
}
}
}
}
}
} catch(PDOException $e){
//display error message if the database has failed in some manner
echo $e->getMessage();
}
I would like to know why I am not getting any of the error messages, and then how do I fix this problem so that I can avoid making the same problems again in the future. If there is something that is missing or if more information is needed please let me know. Otherwise I think it is pretty straight forward.
ADDITIONAL INFO: I have putt a message that says working at each block of if/else and the one it finally stops showing up at is when I check if($count != 1 || $row['active'] != 0)
UPDATE
<?php
$email_code = $_REQUEST['code']; //retrive the code from the user clicked link in the email
//database information
$dsn = 'mysql:host=localhost;dbname=primarydb';
$username = 'root';
$password = '';
try{
//option for PDO allows for prepared SQL statements that will mazimize the prevention of sql injections and malicious attacks on the server and databases
$conn = new PDO($dsn, $username, $password); //establish the connection
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); //disable the php parse from parsing the statements.
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); //allow error mode to be active in order to display any errors which may open up holes to attacks
//prepare the update statement
$stmt = $conn->prepare("UPDATE primarydb.user SET active = ? WHERE email_code = ?");
$stmt->bindParam('is', $a = 1, $email_code);
if($stmt->execute()){
print "Your account has now been activated and it is ready to use!";
}
} catch(PDOException $e){
//display error message if the database has failed in some manner
echo $e->getMessage();
}
?>
Generated new code, I don't want to get off topic, but I would like a complete solution to this problem. I am now getting the following error
Strict Standards: Only variables should be passed by reference in C:\inetpub\wwwroot\mjsite\login\complete_registration.php on line 14
SQLSTATE[HY000]: General error: 2031
Thoughts?
Please read this first line from the PDOException documentation:
Represents an error raised by PDO. You should not throw a PDOException
from your own code.
Just throw and catch regular old Exceptions. This would also catch a PDOException which inherits from it.
This also gives you a much better way to distinguish between actual exception thrown by PDO and your own exceptions. By the way, it would seem you have a number of cases where you are redundantly throwing exception when PDO would have encountered an error and thrown an exception anyway. Only the first exception will be caught, so in many of those cases, your throw would never be executed.
Also why bother with the SELECT before the update at all? YOu are basically just wasting a query because you aren't doing anything with the selected information. Perhaps just go straigth for update and handle cases where email_code doesn't exist.
I am calling a mysql stored procedure using PDO in PHP
try {
$conn = new PDO("mysql:host=$host_db; dbname=$name_db", $user_db, $pass_db);
$stmt = $conn->prepare('CALL sp_user(?,?,#user_id,#product_id)');
$stmt->execute(array("user2", "product2"));
$stmt->setFetchMode(PDO::FETCH_COLUMN, 0);
$errors = $stmt->errorInfo();
if($errors){
echo $errors[2];
}else{
/*Do rest*/
}
}catch(PDOException $e) {
echo "Error : ".$e->getMessage();
}
that return below error because the name of the field in insert query was given wrong
Unknown column 'name1' in 'field list'
So i want to know if this is possible to get detailed error information something like:-
Unknown column 'Tablename.name1' in the 'field list';
that could tell me what column of which table is Unknown.
while creating the pdo connection, pass options like error mode and encoding:
The PDO system consists of 3 classes: PDO, PDOStatement & PDOException. The PDOException class is what you need for error handling.
Here is an example:
try
{
// use the appropriate values …
$pdo = new PDO($dsn, $login, $password);
// any occurring errors wil be thrown as PDOException
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$ps = $pdo->prepare("SELECT `name` FROM `fruits` WHERE `type` = ?");
$ps->bindValue(1, $_GET['type']);
$ps->execute();
$ps->setFetchMode(PDO::FETCH_COLUMN, 0);
$text = "";
foreach ($ps as $row)
{
$text .= $row . "<br>";
}
// a function or method would use a return instead
echo $text;
} catch (Exception $e) {
// apologise
echo '<p class="error">Oops, we have encountered a problem, but we will deal with it. Promised.</p>';
// notify admin
send_error_mail($e->getMessage());
}
// any code that follows here will be executed
I found this to be helpful for me. "error_log" prints to the php error log but you can replace with whatever way you'd like to display the error.
} catch (PDOException $ex){
error_log("MYSQL_ERROR"); //This reminds me what kind of error this actually is
error_log($ex->getTraceAsString()); // will show the php file line (and parameter
// values) so you can figure out which
// query/values caused it
error_log($ex->getMessage()); // will show the actual MYSQL query error
// e.g. constraint issue
}
p.s. I know this is a bit late but maybe it can help someone.
I'm calling a mysql stored procedure with two input parameters. This is the code I have:
if (isset($_POST['button1'])) {
$con = mysql_connect("localhost:3306","root","");
if (!$con) {
echo '<b>Could not connect.</b>';
die(mysql_error()); // TODO: better error handling
} else {
mysql_select_db("php_database_1", $con);
$username_v = $_POST['username'];
$password_v = $_POST['password'];
$stmt = $dbh->prepare("CALL login(?, ?)");
$stmt->bindParam(2, $username_v, $password_v, PDO::PARAM_STR|PDO::PARAM_INPUT_OUTPUT, 4000);
// call the stored procedure
$stmt->execute();
print "procedure returned $username_v\n";
When executing, I get:
Notice: Undefined variable: dbh in E:\xampp\htdocs\php4\default.php on line 52
Fatal error: Call to a member function prepare() on a non-object in E:\xampp\htdocs\php4\default.php on line 52
How can I fix this?
Thanks.
Edited: After seeing more code, you have attempted to mix the mysql_() functions with PDO. You cannot do that -- instead, use PDO only. The two APIs do not work together, and the old mysql_*() API does not support prepared statements at all.
You have not connected to your database or instantiated a PDO object.
$username_v = $_POST['username'];
$password_v = $_POST['password'];
$dsn = 'mysql:dbname=testdb;host=127.0.0.1';
// You must first connect to the database by instantiating a PDO object
try {
$dbh = new PDO($dsn, 'root', 'root_db_pw');
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
// Then you can prepare a statement and execute it.
$stmt = $dbh->prepare("CALL login(?, ?)");
// One bindParam() call per parameter
$stmt->bindParam(1, $username_v, PDO::PARAM_STR);
$stmt->bindParam(2, $password_v, PDO::PARAM_STR);
// call the stored procedure
$stmt->execute();
Having tried Michaels solution for another task and failed miserably with the CALL procedure telling that it expected 0 parameters and got 2, I'll just leave this workaround for others with the same issues:
$username_v = $_POST['username'];
$password_v = $_POST['password'];
$dsn = 'mysql:dbname=testdb;host=127.0.0.1';
// You must first connect to the database by instantiating a PDO object
try {
$dbh = new PDO($dsn, 'root', 'root_db_pw');
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
// Then you can prepare a statement and execute it.
$stmt = $dbh->prepare("SET #username_v = '$username_v'; SET #password_v = '$password_v'; CALL login()");
// call the stored procedure
$stmt->execute();
If you want to call a stored procedure with IN parameter without PDO then below code might help you.
$stmt = $conn->prepare("CALL dataCreation(?)");
mysqli_stmt_bind_param($stmt, "s", $lastDate);
mysqli_stmt_execute($stmt);
Hope this will help someone.