[英]MSSQL php pdo pagination, some thing wrong on bindParam
Working fine with MsSQL
: 与
MsSQL
一起工作:
$ppage = 15;
$poset = 0;
$stmt = "SELECT * FROM tbl ORDER BY ID OFFSET {:$poset } ROWS FETCH NEXT {:ppage } ROWS ONLY";
$stmt = $this->conn->prepare($stmt);
$stmt->execute();
return $row = $stmt->fetchAll();
Not working fine with MsSQL
: 使用
MsSQL
不能正常工作:
$ppage = 15;
$poset = 0;
$stmt = "SELECT * FROM tbl ORDER BY ID OFFSET :poffset ROWS FETCH NEXT :perpage ROWS ONLY";
$stmt = $this->conn->prepare($stmt);
$stmt->bindParam(':poffset', $poset);
$stmt->bindParam(':perpage', $ppage);
$stmt->execute();
return $row = $stmt->fetchAll();
the query is fine with I use to run with variables actual data it works but it's not working when I set the variable by bindParam
, when am I missing. 查询很好,我用变量实际数据运行它但是当我通过
bindParam
设置变量时它不起作用,我bindParam
时候缺少。
Try using bindValue
instead: 请尝试使用
bindValue
:
$stmt = $this->conn->prepare($stmt);
$stmt->bindValue(':poffset', $poset, PDO::PARAM_INT);
$stmt->bindValue(':perpage', $ppage, PDO::PARAM_INT);
$stmt->execute();
Rather than using the bindParam()
function, inside of the parameters of the execute()
function, add an array containing the values. 而不是使用
bindParam()
函数,所述的参数的内部execute()
函数中,添加含有该值的数组。
Something like this: 像这样的东西:
$stmt = $this->conn->prepare($stmt);
$stmt->execute(array(':poffset' => $poset, ':perpage' => $ppage)); // using an array rather than the bindValue function.
Use it as you would normally with the bindParam
function, but substitute the commas for =>
. 像通常使用
bindParam
函数一样使用它,但用逗号代替=>
。
This way of doing things will save you having to call the bindParam()
function for each value & will still protect against SQL Injection. 做事的这种方式将节省您不必调用
bindParam()
函数的每个值将仍然防止SQL注入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.