[英]Prepared Statement not working in PHP
I am trying to execute a prepared statement with mysqli but the statement never executes with results nor throws an error. 我试图用mysqli执行一条准备好的语句,但是该语句从不执行结果,也不会引发错误。 But executing the query normally work.
但是执行查询通常可以正常工作。
The prepared query looks like this: 准备好的查询如下所示:
SELECT * FROM games WHERE YEARweek(game_date)=?
The regular non prepared query is this 常规的未准备好的查询是这个
SELECT * FROM games WHERE YEARweek(game_date)= YEARweek(current_DATE) +1
Any ideas why? 有什么想法吗?
The code for executing the query is in different places but it looks like this in short version: 执行查询的代码在不同的地方,但在简短版本中看起来像这样:
$WHERE_CLAUSE='';
$first=true;
if(isset($conditions['conditions'])) {
foreach($conditions['conditions'] as $key=>$condition){
if(is_array($condition)){
} else {
if($first)
$WHERE_CLAUSE.=$key.'=?';
else
$WHERE_CLAUSE.=' AND '.$key.'=?';
$input_data[$key]=$condition;
$first=false;
}
}//end foreach
if(!empty($WHERE_CLAUSE)){
$query.='WHERE '.$WHERE_CLAUSE.' ';
}
}
$result=PVDatabase::preparedSelect($query, $input_data);
public static function preparedQuery($query, $data, $formats = '') {
if (self::_hasAdapter(get_class(), __FUNCTION__))
return self::_callAdapter(get_class(), __FUNCTION__, $query, $data, $formats);
if (self::$dbtype == self::$mySQLConnection) {
self::$link -> prepare($query);
$count = 1;
foreach ($data as $key => $value) {
self::$link -> bindParam($count, $value);
$count++;
}//end foreach
return self::$link -> execute();
} else if (self::$dbtype == self::$postgreSQLConnection) {
$result = pg_prepare(self::$link, '', $query);
$result = pg_execute(self::$link, '', $data);
return $result;
} else if (self::$dbtype == self::$oracleConnection) {
} else if (self::$dbtype == self::$msSQLConnection) {
$stmt = sqlsrv_prepare(self::$link, $query, $data);
return sqlsrv_execute($stmt);
}
}//end preparedQuery
Since you haven't provided the code you're using to invoke the query, I'm going to guess that you are probably binding a value that includes an expression. 由于您没有提供用于调用查询的代码,因此我猜您可能绑定了一个包含表达式的值。 Instead of being evaluated, it'll be interpreted literally.
它不会被评估,而是按字面意义进行解释。
PDO must be escaping the YEARweek(current_DATE) +1 part of the second query. PDO必须转义第二个查询的YEARweek(current_DATE)+1部分。
Do this instead: 改为这样做:
$next_year = date('Y) + 1;
SELECT * FROM games WHERE YEARweek(game_date) = $next_year
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.