Extbase TYPO3 7.6 中的准备语句不起作用
Prepared statements in Extbase TYPO3 7.6 not working
我想将查询作为准备好的语句提交,如下所示。
$query = $this->createQuery();
$query->getQuerySettings()->usePreparedStatement(TRUE);
$sqlParamList[] = 'test@gamil.com';
$sql = 'SELECT uid FROM table_name WHERE email = ?';
$query->statement($sql, $sqlParamList);
$result = $query->execute();
但我总是会遇到如下错误。
You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use near '?' at line 1'
我哪里错了?
您需要先将 $sql 解析为准备好的语句:
$preparedSql = $this->objectManager->get(\TYPO3\CMS\Core\Database\PreparedStatement::class, $sql, 'table_name');
使用 $this->objectManager->get() 实例化 class PreparedStatement 参数 $sql 和 'table_name'.
这将更改您的 $sql 并解析 ? 以用作准备好的语句。
另一种方法:
$query = $this->createQuery();
$query->getQuerySettings()->usePreparedStatement(TRUE);
$sqlParamList = [
':email' => 'test@gamil.com'
];
$sql = 'SELECT uid FROM table_name WHERE email = :email';
$query->statement($sql, $sqlParamList);
$result = $query->execute();
无法测试,只是一种方法。
我想将查询作为准备好的语句提交,如下所示。
$query = $this->createQuery();
$query->getQuerySettings()->usePreparedStatement(TRUE);
$sqlParamList[] = 'test@gamil.com';
$sql = 'SELECT uid FROM table_name WHERE email = ?';
$query->statement($sql, $sqlParamList);
$result = $query->execute();
但我总是会遇到如下错误。
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?' at line 1'
我哪里错了?
您需要先将 $sql 解析为准备好的语句:
$preparedSql = $this->objectManager->get(\TYPO3\CMS\Core\Database\PreparedStatement::class, $sql, 'table_name');
使用 $this->objectManager->get() 实例化 class PreparedStatement 参数 $sql 和 'table_name'.
这将更改您的 $sql 并解析 ? 以用作准备好的语句。
另一种方法:
$query = $this->createQuery();
$query->getQuerySettings()->usePreparedStatement(TRUE);
$sqlParamList = [
':email' => 'test@gamil.com'
];
$sql = 'SELECT uid FROM table_name WHERE email = :email';
$query->statement($sql, $sqlParamList);
$result = $query->execute();
无法测试,只是一种方法。