带引号的SQL查询不会返回结果
[英]SQL query with quotes doesn't return results
问题描述
I'm trying to query my sql database using PDO. 
我正在尝试使用PDO查询我的sql数据库。 There are instances in which there are quotes in my query. 在某些情况下,我的查询中带有引号。
function getPageByPagid($pagid) {
$db = dbConnection();
$sql = "SELECT * FROM pages WHERE pagid='".$pagid."'";
$q = $db->prepare($sql);
$q->setFetchMode(PDO::FETCH_ASSOC);
$q->execute();
$results = $q->fetch();
return $results;
}
The function I'm using does prepare my SQL so that it still should work if $pagid has quotes in it. 我使用的函数确实准备了我的SQL,因此如果$ pagid中带有引号,它仍然可以正常工作。 Now it is working when there aren't quotes, but it still isn't when there are quotes. 现在在没有引号的情况下可以使用,但是在没有引号的情况下仍然可以使用。 Why isn't this working? 为什么这不起作用?
PS: The quotes aren't escaped or anything in my database. PS:引号不会转义或在我的数据库中没有任何内容。
1 个解决方案
解决方案1
2 已采纳 2014-11-05 11:14:20
May be causing you have integer type of field and sending string try with 可能导致您具有整数类型的字段并尝试发送字符串
$sql = "SELECT * FROM pages WHERE pagid='$pagid'";
or better to use placeholder (PDO standard) 或更好地使用占位符(PDO标准)
function getPageByPagid($pagid) {
$db = dbConnection();
$sql = "SELECT * FROM pages WHERE pagid= :pagid";
$q = $db->prepare($sql);
$q->bindParam(':pagid', $pagid);
$q->setFetchMode(PDO::FETCH_ASSOC);
$q->execute();
$results = $q->fetch();
return $results;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.