
passing PHP variable to sql query in oci_parse

I am passing a PHP variable into an Oracle SQL query, but it's not taking it properly and gives me ORA errors like "invalid character". I tried escaping the variable as \\'$sid\\'; this makes the error go away, but the query doesn't return anything. Is there a way to pass a PHP variable to an Oracle query?

if(isset($_POST['action']))
{
   $sid = $_POST['action'];
   $stid = oci_parse($conn, 'SELECT emp from table emp='$sid'');
   oci_execute($stid);
}

I have removed the database connection part for brevity.

'SELECT emp from table emp=\\'$sid\\'' is a string that you pass exactly as it is to Oracle, this is why it doesn't work.

You need to use oci_bind_by_name to bind a placeholder to a PHP variable.

Example:

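// :num is a placeholder; its value is supplied by the bind call, not by string interpolation.
$variable = 42;
// The SQL text passed to oci_parse must not end with a semicolon.
$stid = oci_parse($conn, 'SELECT col_name FROM tbl_name WHERE col_name > :num');
oci_bind_by_name($stid, ':num', $variable);
oci_execute($stid);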
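
The asker's lookup rewritten with a bound placeholder, error checks and a fetch loop, as an added example that is not part of the original answer. The table name emp_table and the 64-byte input limit are assumptions, and $conn is the connection the question left out.

```php
<?php
// Added example, not from the original answer. Table name emp_table and the
// 64-byte length limit are assumptions; $conn comes from oci_connect().

function find_emp($conn, string $sid): array
{
    // Reject input that cannot be a valid key before touching the database.
    if ($sid === '' || strlen($sid) > 64) {
        throw new InvalidArgumentException('invalid sid');
    }

    // No quotes around :sid and no trailing semicolon in the SQL text.
    $stid = oci_parse($conn, 'SELECT emp FROM emp_table WHERE emp = :sid');
    if ($stid === false) {
        throw new RuntimeException(oci_error($conn)['message']);
    }

    // The value travels separately from the SQL text, so quotes inside
    // $sid are compared as data and never parsed as SQL.
    oci_bind_by_name($stid, ':sid', $sid, -1, SQLT_CHR);

    if (!oci_execute($stid)) {
        $err = oci_error($stid);
        oci_free_statement($stid);
        throw new RuntimeException($err['message']);
    }

    $rows = [];
    while (($row = oci_fetch_assoc($stid)) !== false) {
        $rows[] = $row['EMP'];   // unquoted Oracle column names come back upper-cased
    }
    oci_free_statement($stid);
    return $rows;
}

if (isset($_POST['action']) && is_string($_POST['action'])) {
    try {
        $emps = find_emp($conn, $_POST['action']);
    } catch (InvalidArgumentException | RuntimeException $e) {
        error_log($e->getMessage());   // keep ORA details out of the response
        http_response_code(400);
        $emps = [];
    }
}
```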
