2016-11-15 81 views
0

Below is my query. How do I add PHP variable values into the query?

public function total_registration_month($from1, $to1) {
    $q = $this->link->prepare('SELECT advisor, COUNT(*) as total
        FROM
        (
            SELECT advisor
            FROM training_details
            WHERE ndate BETWEEN $from1 AND $to1
          UNION ALL
            SELECT advisor
            FROM student_details
            WHERE registereddate
            BETWEEN $from1 AND $to1
        ) AS advisor
        GROUP BY advisor');

    $q->execute();

    $count = $q->fetchAll();

    return $count;
}

How do I add the $from1 and $to1 (from date and to date) into this? If I put the variables in directly, with double or single quotes, it shows an error. Kindly help me, guys.

+0

You are using `prepare` but not actually making use of it. Read the [documentation](http://php.net/manual/en/pdo.prepare.php). There are plenty of examples there of how to do this properly, and they will also solve your problem. –

+0

Are you using PDO or the mysqli_ database access API? – RiggsFolly

+0

I am using PDO database access –

Answers

1

As you are using PDO, you should also be using parameterised queries, like this:

public function total_registration_month($from1, $to1) {
    $q = $this->link->prepare('SELECT advisor, COUNT(*) as total
        FROM
        (
            SELECT advisor
            FROM training_details
            WHERE ndate BETWEEN :fromd AND :tod
          UNION ALL
            SELECT advisor
            FROM student_details
            WHERE registereddate BETWEEN :fromd1 AND :tod1
        ) AS advisor
        GROUP BY advisor');

    // One entry per named placeholder; the values are bound at execute()
    // and never become part of the SQL text.
    $params = array(':fromd'  => $from1, ':tod'  => $to1,
                    ':fromd1' => $from1, ':tod1' => $to1);

    $res = $q->execute($params);
    if (!$res) {
        print_r($q->errorInfo());
        exit;
    }

    $count = $q->fetchAll();
    return $count;
}

This also removes all the problems of how to concatenate data into your query, since PDO takes care of all of it, and it also removes any SQL injection problems from data received from the user.

0
public function total_registration_month($from1, $to1) {
    // Double-quoted string: $from1 and $to1 are interpolated into the SQL text
    $q = $this->link->prepare("SELECT advisor, COUNT(*) as total
        FROM
        (
            SELECT advisor
            FROM training_details
            WHERE ndate BETWEEN '$from1' AND '$to1'
          UNION ALL
            SELECT advisor
            FROM student_details
            WHERE registereddate
            BETWEEN '$from1' AND '$to1'
        ) AS advisor
        GROUP BY advisor");
    $q->execute();

    $count = $q->fetchAll();

    return $count;
}
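The two approaches above, the interpolated query from this answer and the placeholder query from the first answer, behave identically on well-formed dates and differently on hostile input. The following is an added, self-contained PHP script (not code from the question or from any of the answers) that runs both against an in-memory SQLite database. Table and column names are the question's; the advisors and dates are constructed sample rows, and the `countInterpolated`/`countParameterised` function names are chosen for this example.

```php
<?php
// Added example, not code from the question or the answers. Runs the two
// approaches side by side against an in-memory SQLite database. Table and
// column names are the question's; the rows are constructed sample data.
declare(strict_types=1);

function buildDatabase(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE training_details (advisor TEXT, ndate TEXT)');
    $pdo->exec('CREATE TABLE student_details (advisor TEXT, registereddate TEXT)');
    // Constructed rows: two fall inside November 2016, two fall outside it.
    $pdo->exec("INSERT INTO training_details VALUES ('alice', '2016-11-02'), ('bob', '2016-09-15')");
    $pdo->exec("INSERT INTO student_details VALUES ('alice', '2016-11-20'), ('carol', '2017-01-05')");
    return $pdo;
}

// Approach from the answer above: the PHP values become part of the SQL text.
function countInterpolated(PDO $pdo, string $from1, string $to1): array
{
    $q = $pdo->prepare("SELECT advisor, COUNT(*) AS total
        FROM (
            SELECT advisor FROM training_details WHERE ndate BETWEEN '$from1' AND '$to1'
          UNION ALL
            SELECT advisor FROM student_details WHERE registereddate BETWEEN '$from1' AND '$to1'
        ) AS advisor
        GROUP BY advisor ORDER BY advisor");
    $q->execute();
    return $q->fetchAll(PDO::FETCH_KEY_PAIR);   // [advisor => total]
}

// Approach from the first answer: placeholders in the SQL, values bound at execute().
// Each name is used once: with PDO::ATTR_EMULATE_PREPARES off (the setting to use
// with MySQL so the server does the binding) a name repeated in the SQL is
// rejected, which is why that answer has :fromd/:tod and :fromd1/:tod1.
function countParameterised(PDO $pdo, string $from1, string $to1): array
{
    $q = $pdo->prepare('SELECT advisor, COUNT(*) AS total
        FROM (
            SELECT advisor FROM training_details WHERE ndate BETWEEN :fromd AND :tod
          UNION ALL
            SELECT advisor FROM student_details WHERE registereddate BETWEEN :fromd1 AND :tod1
        ) AS advisor
        GROUP BY advisor ORDER BY advisor');
    $q->execute([':fromd' => $from1, ':tod' => $to1, ':fromd1' => $from1, ':tod1' => $to1]);
    return $q->fetchAll(PDO::FETCH_KEY_PAIR);
}

$pdo = buildDatabase();

// Well-formed dates: both give alice => 2 (one training row, one student row).
print_r(countInterpolated($pdo, '2016-11-01', '2016-11-30'));
print_r(countParameterised($pdo, '2016-11-01', '2016-11-30'));

// A $to1 taken unchecked from a form field. Interpolated, the WHERE becomes
//   ndate BETWEEN '2016-11-01' AND '2016-11-30' OR '1'='1'
// BETWEEN binds tighter than OR, so the date filter is defeated in both halves
// of the UNION: alice => 2, bob => 1, carol => 1.
$hostile = "2016-11-30' OR '1'='1";
print_r(countInterpolated($pdo, '2016-11-01', $hostile));

// Bound as a parameter, the same text is just an odd upper bound compared as a
// string; the quote and the OR are never parsed as SQL, so the result is the
// same as for the honest input: alice => 2.
print_r(countParameterised($pdo, '2016-11-01', $hostile));
```

Run it with `php` from the command line (the pdo_sqlite extension is needed). The point to take from the last two calls is that parameter binding does not sanitise or reject the hostile string; it keeps it out of the SQL grammar, so it can only ever act as a value. Validating that `$from1` and `$to1` are real dates is still worth doing, but as input validation, not as a defence against injection.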
0

With a PDO connection, try the following code:

$q = $this->link->prepare('SELECT advisor, COUNT(*) as total
    FROM
    (
        SELECT advisor
        FROM training_details
        WHERE ndate BETWEEN ? AND ?
      UNION ALL
        SELECT advisor
        FROM student_details
        WHERE registereddate
        BETWEEN ? AND ?
    ) AS advisor
    GROUP BY advisor');

// Positional placeholders are bound in order: from, to, from, to
$q->execute(array($from1, $to1, $from1, $to1));

$count = $q->fetchAll();

Notice the `?` (question marks) in the SQL query.