0
执行查询时出现跟随错误。MariaDB错误与查询
Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''0', '25'' at line 1
这里是查询
$sqlData = 'SELECT * FROM users WHERE u_id_id = :UID_ID ORDER BY :ORDER_BY :ORDER_TYPE limit :START, :DATA_LENGTH';
$params = array(
":UID" => $uId,
":ORDER_BY" => $orderBy,
":ORDER_TYPE" => $orderType,
":START" => $start,
":DATA_LENGTH" => $length
);
$queryData = \registry::getDBHandler()->prepare($sqlData);
$queryData->execute($params);
var_dump($queryData->execute($params));
注
这里是paramas的VAR达姆输出
array (size=5)
':UID' => string '66' (length=2)
':ORDER_BY' => string 'id' (length=2)
':ORDER_TYPE' => string 'asc' (length=3)
':START' => string '0' (length=1)
':DATA_LENGTH' => string '25' (length=2)
我不认为你可以使用ORDER BY或LIMIT准备变量。 –
@RocketHazmat:有没有其他的方式来做到这一点?请咨询 –
你的'$ params'从哪里来?特别是'$ orderBy','$ orderType','$ start'和'$ length'。你将不得不手动追加这些值到查询中,所以你也必须正确地将它们转义。或者说,做这样的事情:http://stackoverflow.com/a/2543144如果你有一组硬编码的值,你可以使用它,只有当它在列表中使用它(或LIMIT只是确保他们是数字)。 –