2012-03-29 79 views
0

PHP query not executing correctly: how can I execute a query in which one of the parameters has no surrounding quotes, like this?

select * from table where column1 = 'value1' and column2 = value2 //value2 has no '' 

Right now, in PHP, I have something like:

query("select * from table where column1 = ? and column2 = ?", array($value1, $value2));

That is an example. In SQL it ends up as:

select * from table where column1 = 'value1' and column2 = 'value2' //value2 has quotes, this is what i want to ignore/remove 

How can this be done in PHP?

Answers

0

How about:

query("select * from table where column1 = '?' and column2 = '?'"

Or:

query("select * from table where column1 = \"?\" and column2 = \"?\""

It's not very pretty, but it works.

0

You can do that using PDO prepared statements:

<?php 
    $sth = $db->prepare('SELECT * FROM users WHERE username = ? AND pass = ?'); 
    $sth->execute(array('john', '1234')); 
    $result = $sth->fetchAll(); 
?> 
0

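Here is a working boilerplate you can use, which also includes the scratch database setup for testing this scenario. The code inside the try construct is what performs the actual connection and query.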

<?php 

/********************************************************** 
* CREATES THE SAMPLE DATABASE/TABLE/DATA 
/*********************************************************/ 
/********************************************************* 

CREATE DATABASE IF NOT EXISTS scratch 
    CHARACTER SET = 'utf8' COLLATE = 'utf8_general_ci'; 

CREATE TABLE `scratch`.`table1` (
    `column1` varchar(40) NOT NULL DEFAULT '', 
    `column2` varchar(40) NOT NULL DEFAULT '' 
) ENGINE=InnoDB DEFAULT CHARSET=utf8; 

INSERT INTO `scratch`.`table1` (`column1`, `column2`) 
    VALUES ('test1', 'test2'); 

/*********************************************************/ 

// connection parameters 
$hostname = '127.0.0.1'; 
$database = 'scratch'; 
$username = 'root'; 
$password = 'rootpass'; 

// connection parameters (mysql specific) 
$connectionString = "mysql:host={$hostname};dbname={$database}"; 
$connectionOptions = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'); 

// query bound parameters 
$column1 = 'test1'; 
$column2 = 'test2'; 

// sql statement(s) 
$sql  = 'SELECT 
       `column1`, `column2` 
      FROM 
       table1 
      WHERE 
        `column1` = :column1 
       and `column2` = :column2; 
'; 

// tl;dr 
try { 
    $pdo = new PDO($connectionString, $username, $password, $connectionOptions); 
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
    $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); 

    $statement = $pdo->prepare($sql); 
    $statement->execute(compact('column1', 'column2')); 
    $results = $statement->fetchAll(); 

    var_dump($results); 

    $pdo = $statement = null; 
} catch(PDOException $e) { 
    echo $e->getMessage(); 
}
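
As an added example (not part of the original question or answers): the asker's "value without quotes" case handled with typed binding, where the numeric parameter is validated and bound as an integer instead of being written into the SQL text. The in-memory SQLite table, its sample rows and the `findRows` helper are constructed for illustration and assume the `pdo_sqlite` extension is available.

```php
<?php
// Added example: constructed in-memory SQLite table (assumes pdo_sqlite is installed).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$pdo->exec('CREATE TABLE table1 (column1 TEXT NOT NULL, column2 INTEGER NOT NULL)');
$pdo->exec("INSERT INTO table1 (column1, column2) VALUES ('value1', 42), ('value1', 7)");

/**
 * Hypothetical helper: column1 is bound as a string, column2 as an integer.
 * Neither value becomes part of the SQL text, so no quoting decision is needed.
 */
function findRows(PDO $pdo, string $value1, $value2): array
{
    // Reject anything that is not a plain integer before it reaches the database.
    $int = filter_var($value2, FILTER_VALIDATE_INT);
    if ($int === false) {
        throw new InvalidArgumentException('column2 must be an integer');
    }

    $stmt = $pdo->prepare(
        'SELECT column1, column2 FROM table1 WHERE column1 = :c1 AND column2 = :c2'
    );
    $stmt->bindValue(':c1', $value1, PDO::PARAM_STR);
    $stmt->bindValue(':c2', $int, PDO::PARAM_INT); // bound as a number, not as a quoted string
    $stmt->execute();
    return $stmt->fetchAll();
}

// Request input arrives as a string; it is validated, then bound as an integer.
var_dump(findRows($pdo, 'value1', '42'));

// Constructed malformed input: rejected by validation, never interpolated into the SQL.
try {
    findRows($pdo, 'value1', '42 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}

// A placeholder written inside quotes is a string literal, not a parameter:
// this statement takes no parameters and compares column1 with the text "?".
$literal = $pdo->query("SELECT COUNT(*) AS n FROM table1 WHERE column1 = '?'")->fetch();
var_dump($literal['n']);
```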