![](/img/trans.png)
[英]what's wrong with this MySQL prepared statement? “unkown column in where clause”
[英]Use wildcard in WHERE clause in MySQL prepared statement
我有以下MySQL語句:
$sql = "SELECT * FROM `table` WHERE `field`=?;";
$prepare = $connect -> prepare( $sql );
$prepare -> bind_param( "i" , $value );
$value = $_GET["value"];
//etc.
但是,“未過濾”是一種選擇。 有沒有辦法將通配符傳遞給語句,如:
if ( ! isset ( $_GET["value"] ) ) $value = SOME_WILDCARD_INDICATOR;
...或者我是否必須為未經過濾的查詢提供完整的單獨代碼塊?
正如其他人所說,如果值存在,您只想添加where條件。
<?php
$sql = "SELECT * FROM `table`";
$value = $_GET['value'];
if ($value)
{
$sql .= " WHERE `field` = ?"
}
$query = $db->prepare ($sql);
if ($value)
{
$query->bind_param ('i', $value);
}
只需使用一點邏輯 -
$value = $_GET["value"];
$sql = "SELECT * FROM `table`";
if (isset($value)) {
$sql .= "WHERE `field`=?";
$prepare -> bind_param( "i" , $value );
}
$sql .= ";";
當你說“添加一些邏輯”時,@ Jay-Blanchard,我認為你的意思是這個,它完美地運作:
$filter = " WHERE 0=?";
$value = 0;
if ( isset ( $_GET["value"] ) )
{
$filter = " WHERE `field`=?";
$value = $_GET["value"];
}
$sql = "SELECT * FROM `table`" . $filter . ";";
$prepare = $connect -> prepare( $sql );
$prepare -> bind_param( "i" , $value );
//etc.
好靈感!
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.