[英]Passing date sql type in prepared statement with PDO
I'm using 000webhost to host my website.我正在使用 000webhost 来托管我的网站。
I'm trying to implement this flow:我正在尝试实现此流程:
I'm having trouble with step two.我在执行第二步时遇到了麻烦。 The code I'm using is this:我正在使用的代码是这样的:
$cleanupSql = "DELETE FROM `Turnos` WHERE Dia = :Dia AND Turno = :Turno ";
$cleanupSth = $conn->prepare($cleanupSql);
(...)
$temp = date_format($date,"Y-m-d");
$cleanupSth->bindParam(':Dia',$temp,PDO::PARAM_STR);
$cleanupSth->bindParam(':Turno',$splited[2],PDO::PARAM_STR);
$cleanupSth->execute();
$temp is equal to 2018-10-18 and splited[2] is "1". $temp 等于 2018-10-18 并且 splited[2] 是“1”。 dia of type date and Turno of type varchar. date 类型的 dia 和 varchar 类型的 Turno。 PHP doesn't present any errors, but the database is not changed. PHP 没有出现任何错误,但数据库没有更改。
I've also tried to use ?我也试过用 ? params, passing the dateTime object. params,传递 dateTime 对象。
When I run this query in the database, which , it works当我在数据库中运行此查询时,它可以工作
DELETE FROM `Turnos` WHERE Dia = "2018-08-18" AND Turno = "1"
EDIT: I've modified the script to run the query like so:编辑:我修改了脚本以运行查询,如下所示:
$cleanupSql = "DELETE FROM `Turnos` WHERE Turno = :Turno ";
But it doesn't reflect on the database.但它不会反映在数据库上。
The problem was the way I was getting the information for the Turno param.问题是我获取 Turno 参数信息的方式。 It was not correctly sanitized.它没有正确消毒。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.