[英]PHP PDO post string list IN Where Clause
我幾乎可以使用以下代碼,但不熟悉如何以數組形式(如測試)將列表從最終用戶發布到$ ids。 最終用戶將以“ 3,5,7,8 ...”的形式發送給我一個列表
轉換為POST語句時,如何模擬“ $ ids = array(1,2,3)”?
<?php
//1. Create a database connection
require_once('config.php');
$mysql_host = DB_HOST;
$mysql_database = DB_NAME;
$mysql_username = DB_USER;
$mysql_password = DB_PASS;
$ids = $_POST["idsvar"]; //Doesn't return values
//$ids = array(1,2,3); //This does work when used for testing purposes
$inQuery = implode(',', array_fill(0, count($ids), '?'));
try {
$conn = new PDO("mysql:host=$mysql_host; dbname=$mysql_database", $mysql_username, $mysql_password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("SET CHARACTER SET utf8"); // Sets encoding UTF-8
//2. Perform database query if Connected Successfully
$stm = $conn ->prepare(
'SELECT `schema`.`table`.`column1` AS `DiffNameA`,
`schema`.`table`.`column2` AS `DiffNameB`
FROM `schema`.`table`
WHERE id IN(' . $inQuery . ')');
foreach ($ids as $k => $id)
$stm->bindValue(($k+1), $id);
$stm->execute();
$field = $stm->fetchAll();
foreach ($field as $row) {
print $row["DiffNameA"] . "|" .$row["DiffNameB"] ."\n\r"; //extra comma so can have notes hidden area
}
$conn = null; // Disconnect
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage().'<br />';
file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);
}
?>
感謝您的任何幫助。
================================================== =============
如果它可以幫助任何人,這是完整的腳本:
<?php
//1. Create a database connection
require_once('config.php');
$mysql_host = DB_HOST;
$mysql_database = DB_NAME;
$mysql_username = DB_USER;
$mysql_password = DB_PASS;
$ids = explode(',', $_POST["idsvar"]);
$inQuery = implode(',', array_fill(0, count($ids), '?'));
try {
$conn = new PDO("mysql:host=$mysql_host; dbname=$mysql_database", $mysql_username, $mysql_password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("SET CHARACTER SET utf8"); // Sets encoding UTF-8
//2. Perform database query if Connected Successfully
$stm = $conn ->prepare(
'SELECT `schema`.`table`.`column1` AS `DiffNameA`,
`schema`.`table`.`column2` AS `DiffNameB`
FROM `schema`.`table`
WHERE id IN(' . $inQuery . ')');
foreach ($ids as $k => $id)
$stm->bindValue(($k+1), $id);
$stm->execute();
$field = $stm->fetchAll();
foreach ($field as $row) {
print $row["DiffNameA"] . "|" .$row["DiffNameB"] ."\n\r"; //extra comma so can have notes hidden area
}
$conn = null; // Disconnect
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage().'<br />';
file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);
}
?>
您的$_POST["idsvar"]
是字符串,而不是數組。 使用explode
將其拆分為每個逗號處的數組。
$test = explode(',', '1,2,3');
演示: https : //eval.in/603133
在您的情況下:
$ids = explode(',', $_POST["idsvar"]);
count($ids)
在您的靜態示例中有效,因為您將$ids
定義為數組( $ids = array(1,2,3)
)。
或者,如果您也想驗證輸入,則可以使用正則表達式。
(\d+)(?:,|\z)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.