[英]What's wrong within SQL query?
I'm using this query to get range of rows for example 0-5 , But I get an error message.我正在使用此查询来获取行范围,例如 0-5 ,但我收到一条错误消息。
Here is the code:这是代码:
if(isset($_GET['page']) && isset($_GET['per'])){
$per = $_GET['per'];
$pageNumber = $_GET['page'];
$from = ($pageNumber * $per) - $per;
$results = $pdo->prepare('SELECT * FROM users LIMIT :sfrom , :sto');
$results->execute(array('sfrom' => $from , 'sto' => $per));
}
I get the following error :我收到以下错误:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax;致命错误:未捕获的异常 'PDOException' 带有消息 'SQLSTATE[42000]:语法错误或访问冲突:1064 您的 SQL 语法有错误; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''5' , '5''
检查与您的 MariaDB 服务器版本相对应的手册,了解在 ''5' , '5'' 附近使用的正确语法
I think that's because the $from
and $per
are inserted as strings or something I tried to convert them to int using (int)$from
, (int)$per
But still having the same error我认为这是因为
$from
和$per
是作为字符串插入的,或者我试图使用(int)$from
, (int)$per
将它们转换为 int 但仍然有相同的错误
The values passed must be integers but casting them is not enought.传递的值必须是整数,但转换它们是不够的。
Instruct PDO the binded parameters' type is integer by using PDOStatement::
bindParam
使用
PDOStatement::
bindParam
指示PDO绑定参数的类型为整数
Then call PDOStatement::
execute
as last step (without parameters).然后调用
PDOStatement::
execute
作为最后一步(不带参数)。
$results = $pdo->prepare('SELECT * FROM users LIMIT :sfrom , :sto');
$results->bindParam(':sfrom', (int)$from, PDO::PARAM_INT );
$results->bindParam(':sto', (int)$to, PDO::PARAM_INT );
$results->execute();
See http://php.net/manual/en/pdostatement.bindparam.php见http://php.net/manual/en/pdostatement.bindparam.php
Setting $per
and $from
as numeric strings is totally OK.将
$per
和$from
设置为数字字符串是完全可以的。 Make sure you are not passing "'5'"
as a value.确保您没有将
"'5'"
作为值传递。 Casting "'5'"
to int
results in 0
.将
"'5'"
为int
结果为0
。 Try尝试
// remove " and ' then cast to int
$yourNumber = (int) str_replace(['"', "'"], '', $yourInput);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.