6 
<?php
    $login = 'root'; 
    $password = 'root'; 
    $dsn = "mysql:host=localhost";
    $dbb = 'account';
    $opt = array(
    // any occurring errors wil be thrown as PDOException
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    // an SQL command to execute when connecting
    PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'"
    );

    // Making a new PDO conenction.
    $conn = new PDO($dsn, $login, $password,$opt);

    $db = $conn->prepare( "CREATE SCHEMA IF NOT EXISTS `?` "); 
    $db->bindParam(1, $dbb);
    $db->execute();          

    ?>

它工作正常,但它使用单引号创建了一个名为“帐户”的数据库,有人知道如何删除单引号。我尝试了很多东西,但它并没有消除。

4

2 回答 2

2

这是有效的:

<?php
$login = 'root';
$password = 'root';
$dsn = "mysql:host=localhost"; 
$dbb = 'account';
$opt = array(
// any occurring errors wil be thrown as PDOException
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
// an SQL command to execute when connecting
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'"
);

// Making a new PDO conenction.
$conn = new PDO($dsn, $login, $password,$opt);

$db = $conn->prepare( "CREATE SCHEMA IF NOT EXISTS $dbb "); 
$db->execute();          

?>

我猜你不能使用 bindParam 准备数据库

于 2013-07-11T11:33:02.040 回答
1

根据http://www.php.net/manual/en/book.pdo.php,您应该将表、列和数据库名称等内容列入白名单。

尝试;

$db = $conn->prepare( "CREATE SCHEMA IF NOT EXISTS " . $dbb); 
$db->execute();
于 2013-07-11T11:33:59.423 回答