[英]How do I add a string at the end of user input in SQL/PHP
I have a SQL query that is based on user input.我有一个基于用户输入的 SQL 查询。 However, in the table, theres a "-1" at the end of every word that you search for.但是,在表格中,您搜索的每个单词的末尾都有一个“-1”。 For example if you want to get the sql result of car, it's actually named car-1 in the database, but the user should only be able to search for car.比如你想得到car的sql结果,其实数据库里的名字是car-1,但是用户应该只能搜索car。 This is how its setup:这是它的设置方式:
$sql = "SELECT * FROM that WHERE this = ?";
$stmt = $conn->prepare($sql);
$search_query = $_POST['this'];
$stmt->bind_param('s', $search_query);
$stmt->execute();
$result = $stmt->get_result();
What I want, is that the select query should be like:我想要的是,选择查询应该是这样的:
$sql = "SELECT * FROM that WHERE this = ? + '-1'";
But ^^ doesn't work.但是 ^^ 不起作用。
$sql = "SELECT * FROM test WHERE NAME='car' & -1";
test = that
NAME= table name
'car' = this
Why don't you just concat -1
to search_query
:为什么不直接将-1
到search_query
:
$sql = "SELECT * FROM that WHERE this = ?";
$stmt = $conn->prepare($sql);
$search_query = $_POST['this'];
$stmt->bind_param('s', $search_query.'-1');
$stmt->execute();
$result = $stmt->get_result();
Using MySQL:使用 MySQL:
$sql = "SELECT * FROM that WHERE this = CONCAT(?, '-1')";
Using PHP:使用 PHP:
$stmt->bind_param('s', $search_query . "-1");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.