使用bindParam顯示數據庫中的數據

Question

我想嘗試使用bindParam從數據庫顯示我的數據，但出現一些錯誤。

可恢復的致命錯誤：第15行的C：\\ xampp \\ htdocs \\ piratefiles \\ search.php中無法將類PDOStatement的對象轉換為字符串

這是我的代碼

$category = htmlentities($_GET['c']);
$query = htmlentities($_GET['q']);

$page = (isset($_GET['page'])) ? $_GET['page'] : 1;
$limit = 20;
$limit_start = ($page - 1) * $limit;

$query = $db->prepare ("SELECT * FROM `posting` WHERE 'category' = :category AND 'file_name' like :query ORDER BY date DESC LIMIT ".$limit_start.",".$limit);

$query->bindParam(":category", $category);
$query->bindParam(":query", $query);

$query->execute();

Answer 1

$query是用戶輸入，然后將其分配為PDOStatement，然后將其傳遞回bindParam

更改var名稱。

$category = htmlentities($_GET['c']);
$query = htmlentities($_GET['q']);

$page = (isset($_GET['page'])) ? $_GET['page'] : 1;
$limit = 20;
$limit_start = ($page - 1) * $limit;

$stmt = $db->prepare ("SELECT * FROM `posting` WHERE 'category' = :category AND 'file_name' like :query ORDER BY date DESC LIMIT ".$limit_start.",".$limit);

$stmt->bindParam(":category", $category);
$stmt->bindParam(":query", $query);

$stmt->execute();

Answer 2

由於即時通訊使用LIKE因此需要制作另一個變量。

$keyword1 = "%".$category."%";
$keyword2 = "%".$query1."%";

這是完整代碼。

$category = htmlentities($_GET['c']);
$query1 = htmlentities($_GET['q']);

$page = (isset($_GET['page'])) ? $_GET['page'] : 1;
$limit = 20;
$limit_start = ($page - 1) * $limit;

$query = $db->prepare ("SELECT * FROM `posting` WHERE category LIKE :category AND file_name LIKE :query1 ORDER BY date DESC LIMIT ".$limit_start.",".$limit);

$keyword1 = "%".$category."%";
$keyword2 = "%".$query1."%";

$query->bindParam(":category", $keyword1);
$query->bindParam(":query1", $keyword2);

$query->execute();