php mysqli bind_params 不工作
php mysqli bind_params not working
我正在尝试使用以下代码获取参数化查询:
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'");
$stmt->bind_param('s', $search);
$search = $_GET['search'];
$stmt->execute();
$result = $stmt->get_result();
然而,在执行查询后,我检查了我的 mysql 数据库中的 general_log table,查询并没有改变:
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'
编辑:
终于用下面的代码让它工作了:
$param = "%{$_POST['search']}%";
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $param);
$stmt->execute();
$result = $stmt->get_result();
感谢大家的帮助!
更改打击代码。
$stmt->bind_param(':s', $search);
或
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%:s%'
$stmt->bind_param(':s', $search);
由于您将占位符用 ' 包裹起来,因此它被认为是普通字符串而不是占位符。
正确的方法是用 %%:
包装你绑定的变量
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $search);
$search = '%'.$_GET['search'].'%';
$stmt->execute();
$result = $stmt->get_result();
类似问题:
- php mysqli prepared statement LIKE
- MySqli prepare statement error when used for LIKE
我正在尝试使用以下代码获取参数化查询:
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'");
$stmt->bind_param('s', $search);
$search = $_GET['search'];
$stmt->execute();
$result = $stmt->get_result();
然而,在执行查询后,我检查了我的 mysql 数据库中的 general_log table,查询并没有改变:
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'
编辑:
终于用下面的代码让它工作了:
$param = "%{$_POST['search']}%";
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $param);
$stmt->execute();
$result = $stmt->get_result();
感谢大家的帮助!
更改打击代码。
$stmt->bind_param(':s', $search);
或
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%:s%'
$stmt->bind_param(':s', $search);
由于您将占位符用 ' 包裹起来,因此它被认为是普通字符串而不是占位符。
正确的方法是用 %%:
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $search);
$search = '%'.$_GET['search'].'%';
$stmt->execute();
$result = $stmt->get_result();
类似问题:
- php mysqli prepared statement LIKE
- MySqli prepare statement error when used for LIKE