PHP 在 bind_param 中内爆
[英]PHP implode in bind_param
问题描述
I'm trying to create an advanced search in php.
我正在尝试在 php 中创建高级搜索。 The inputs are not required, users can decide if they want to search for a manufacturer or just set the minimum price, etc. I'm trying to save the "s" and "i" for the bind_param in an array, and the variables in another array, then implode them in the bind_param part.不需要输入,用户可以决定是要搜索制造商还是只设置最低价格等。我试图将 bind_param 的“s”和“i”保存在数组中,以及变量在另一个数组中,然后将它们内爆到 bind_param 部分。 This is where I got the problem.这就是我遇到问题的地方。 The $params implode works fine, but when I'm trying to implode the $vars array, I get the error message that says "Only variables should be passed by reference". $params 内爆工作正常,但是当我尝试内爆 $vars 数组时,我收到一条错误消息,上面写着“只有变量应该通过引用传递”。 It's because if I push a variable to my array, it stores it's value and not the variable itself.这是因为如果我将一个变量推送到我的数组中,它会存储它的值而不是变量本身。 I've tried to push them as strings, like '$example', but in this case, when I implode it, got the same message because it's a string.我尝试将它们作为字符串推送,例如“$example”,但在这种情况下,当我将其内爆时,会收到相同的消息,因为它是一个字符串。 So, how should I store them in the array to be able to use them in the bind_param?那么,我应该如何将它们存储在数组中以便能够在 bind_param 中使用它们?
In this example I show only 2 inputs, but ofc I have a lot more.在这个例子中,我只展示了 2 个输入,但我还有更多。
if ($_SERVER['REQUEST_METHOD'] == 'GET' && isset($_GET['search_button'])) {
$params[] = "i";
$vars[] = '$status';
$sql_search = 'SELECT m.*, u.premium, u.avatar FROM motorcycles m INNER JOIN users u ON u.id = m.userid WHERE status = ?';
if (isset($_GET['manufacturer_search']) && $_GET['manufacturer_search'] !== "") {
$manufacturer_search = $_GET['manufacturer_search'];
$sql_search .= " AND manufacturer LIKE ?";
array_push($params, 's');
array_push($vars, '$manufacturer_search');
}
if (isset($_GET['min_price']) && $_GET['min_price'] !== "") {
$min_price = $_GET['min_price'];
$sql_search .= " AND price >= ?";
array_push($params, 'i');
array_push($vars, '$min_price');
}
$sql_search .= " ORDER BY u.premium DESC LIMIT ?, ?";
array_push($params, 'ii');
array_push($vars, '$this_page_first_result', '$results_per_page');
$stmt_search = $link->prepare($sql_search);
$stmt_search->bind_param(implode("", $params), implode(",", $vars));
$stmt_search->execute();
$result = $stmt_search->get_result();
}
1 个解决方案
解决方案1
1 已采纳 2021-04-02 08:51:08
You should provide the variables you want separately as the last parameter of bind_params , what you are doing is creating a string of all your variables and passing that.您应该分别提供您想要的变量作为bind_params的最后一个参数,您所做的是创建一个包含所有变量的字符串并传递它。
Change改变
$stmt_search->bind_param(implode("", $params), implode(",", $vars));
To至
$stmt_search->bind_param(implode("", $params), ...$vars );
And PHP will take all entries inside your $vars array and pass them as separate parameters of the function. PHP 将获取$vars数组中的所有条目,并将它们作为 function 的单独参数传递。
For more information on this see the Documentation of bind_param , PHP's introduction of the splat operator here and here and some extra information on stack overflow.有关这方面的更多信息,请参阅bind_param的文档、PHP 在此处和此处对splat operator的介绍以及有关堆栈溢出的一些额外信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.