[英]Binding php variable to pdo query
到目前為止,我的數據庫記錄可以搜索和分頁。 我在通過鏈接參數集成單獨的排序功能設置時遇到問題。 例如 ?sort=id, ?sort=last_name etc..
。 我可以使用isset($_GET['sort']
捕獲參數,但是在將變量綁定到查詢中時遇到麻煩。
這是我的代碼
$pdo_conn = new PDO( 'mysql:host=localhost;dbname=database_name', $database_username, $database_password );
$search_keyword = '';
if(!empty($_POST['search']['keyword'])) {
$search_keyword = $_POST['search']['keyword'];
}
$sql = 'SELECT * FROM submissions WHERE company_name LIKE :keyword OR attorney_last_name LIKE :keyword OR attorney_first_name LIKE :keyword ORDER BY id ASC ';
/* Pagination Code starts */
$per_page_html = '';
$page = 1;
$start=0;
if(!empty($_POST["page"])) {
$page = $_POST["page"];
$start=($page-1) * ROW_PER_PAGE;
}
$limit=" limit " . $start . "," . ROW_PER_PAGE;
$pagination_statement = $pdo_conn->prepare($sql);
$pagination_statement->bindValue(':keyword', '%' . $search_keyword . '%', PDO::PARAM_STR);
$pagination_statement->execute();
$row_count = $pagination_statement->rowCount();
if(!empty($row_count)){
$per_page_html .= "<div style='text-align:center;margin:20px 0px;'>";
$page_count=ceil($row_count/ROW_PER_PAGE);
if($page_count>1) {
for($i=1;$i<=$page_count;$i++){
if($i==$page){
$per_page_html .= '<input type="submit" name="page" value="' . $i . '" class="btn-page current" />';
} else {
$per_page_html .= '<input type="submit" name="page" value="' . $i . '" class="btn-page" />';
}
}
}
$per_page_html .= "</div>";
}
$query = $sql.$limit;
$pdo_statement = $pdo_conn->prepare($query);
$pdo_statement->bindValue(':keyword', '%' . $search_keyword . '%', PDO::PARAM_STR);
$pdo_statement->execute();
$result = $pdo_statement->fetchAll();
$sort = isset($_GET['sort']) ? $_GET['sort'] : null;
//to prevent SQL injection
if(!in_array($sort, array('id', 'last_name'))) $sort = null;
//use default field to sort
if(!$sort) $sort = 'id';
//build the SQL
$sql = "SELECT * FROM submissions
WHERE company_name LIKE :keyword
OR attorney_last_name LIKE :keyword
OR attorney_first_name LIKE :keyword
ORDER BY `$sort` ASC
";
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.