所以我正在尝试使用PDO构建和准备动态的mysql查询。这是我的代码和调试信息。
$allowed_filters = array('hotels.star_rating', 'countries.id');
$where = 'WHERE 1 ';
if (!empty($data['filters'])){
$where = 'WHERE';
foreach ($data['filters'] as $field => $value){
if (in_array($field, $allowed_filters)){
$where .= " $field = :$field &&";
}
else unset($data['filters'][$field]);
}
$where = rtrim($where, '&&');
$where = ($where == 'WHERE')? 'WHERE 1 ' : $where;
}
$st = $this->db->prepare("
SELECT
hotels.code,
hotels.name as name,
hotels.star_rating,
hotels.description,
hotels.cover_image,
countries.name as country,
cities.name as city
FROM
hotels JOIN cities ON cities.id = hotels.city_id
join countries on countries.id = cities.country_id
$where
");
$st->execute($data['filters']);
var_dump($st->fetch());
在行$ st->执行之前($ data ['filters'])我转储了$ st和$ data ['filters']。价值观如下。
$ st
的价值PDOStatement Object
(
[queryString] =>
SELECT
hotels.code,
hotels.name as name,
hotels.star_rating,
hotels.description,
hotels.cover_image,
countries.name as country,
cities.name as city
FROM
hotels JOIN cities ON cities.id = hotels.city_id
join countries on countries.id = cities.country_id
WHERE
hotels.star_rating = :hotels.star_rating &&
countries.id = :countries.id
)
$ data ['filters']的价值
Array
(
[hotels.star_rating] => 4 stars
[countries.id] => 5
)
PDO抛出异常并因以下错误而失败。
SQLSTATE [HY093]:参数号无效:参数未定义'
帮助?
答案 0 :(得分:1)
您忘记了:键中的冒号$data['filters']。它应该是:
Array
(
[:hotels.star_rating] => 4 stars
[:countries.id] => 5
)