[英]php mysqli bind_params not working
我正在尝试使用以下代码获取参数化查询:
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'");
$stmt->bind_param('s', $search);
$search = $_GET['search'];
$stmt->execute();
$result = $stmt->get_result();
但是,执行查询后,我已经检查了我的mysql数据库中的general_log表,而查询只是没有变化:
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%?%'
编辑:
终于通过以下代码使用了它:
$param = "%{$_POST['search']}%";
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $param);
$stmt->execute();
$result = $stmt->get_result();
谢谢大家的帮助!
由于您使用'
包裹了占位符,因此它被威胁为常规字符串而不是占位符。
正确的方法是用%%
包装要绑定的变量:
$stmt = $mysqli->prepare("SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE ?");
$stmt->bind_param('s', $search);
$search = '%'.$_GET['search'].'%';
$stmt->execute();
$result = $stmt->get_result();
类似问题:
更改打击代码。
$stmt->bind_param(':s', $search);
要么
SELECT formattributes.id as attr_id, forms.title as form_title, formattributes.label as attr_label, formattributes.description as attr_description FROM formattributes
INNER JOIN forms ON forms.id = formattributes.form_id WHERE forms.title LIKE '%:s%'
$stmt->bind_param(':s', $search);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.