[英]Replace prepared statement placeholders with array elements in PHP
我想將准備好的語句中使用的占位符替換為數組的元素。
假設我有以下sql字符串:
SELECT * FROM table WHERE col1 = ? AND col2 = ?
像這樣的數組:
$array = array(0=>'value1', 1=>'value2')
我的輸出應為:
SELECT * FROM table WHERE col1 = value1 AND col2 = value2
我讀到可以將數組用作PHP函數str_replace的參數,因此到目前為止,我的嘗試是:
function debugQuery($sql,$param){
return $ret = str_replace('?', $param, $sql);
}
此函數而不是我想要的輸出返回:
SELECT * FROM table WHERE col1 = Array AND col2 = Array
我想我缺少了什么...
您的代碼是(您將可以刪除mysql_real_escape_string ,但這可以從sql-inj中刪除):
<?php
$sql = "SELECT * FROM table WHERE col1 = ? AND col2 = ?";
$array = array(0 => "TEST", 1 => "TEST2");
foreach ($array as $value)
$sql = preg_replace("#\?#", "'" . mysql_real_escape_string($value) . "'", $sql, 1);
echo $sql;
使用MySQL的PHP中帶有命名占位符的預准備語句出錯
[英]Error with a prepared statement with named placeholders in PHP with mySQL
如何使用 php 變量和 php 數組元素制作准備好的語句?
[英]How to make a prepared statement with php variables and php array elements?
試圖找出PHP PDO准備好的語句和占位符。 MySQL語句“ IN”子句中的占位符
[英]Trying to figure out PHP PDO prepared statements and placeholders. Placeholder in “IN” clause of MySQL statement
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.