PDO截断字符串参数

时间:2013-06-17 11:35:24

标签: php mysql pdo insert-into

我有这个函数将数据插入表中:

public static function insertSistema($name,$description,$created_at, $updated_at, $img_file_name, $img_content_type, $img_file_size, $img_updated_at, $visible, $description, $access_floors, $access_procedures, $access_datas, $access_histories, $access_incidences, $access_operations, $access_reports, $access_messagings)
{
    $conector = new Conexion("localhost","xrem_prueba");
    try
    {
        $con = $conector->Conectar();
        $con->exec('SET CHARACTER SET utf8');
        $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $consulta = $con->prepare("INSERT INTO systems (name, created_at, updated_at, img_file_name, img_content_type, img_file_size, img_updated_at, visible, description, access_floors, access_procedures, access_datas, access_histories, access_incidences, access_operations, access_reports, access_messagings ) VALUES (:name, :created_at, :updated_at, :img_file_name, :img_content_type, :img_file_size, :img_updated_at, :visible, :description, :access_floors, :access_procedures, :access_datas, :access_histories, :access_incidences, :access_operations, :access_reports, :access_messagings);");
        $consulta->bindParam(':name', $name, PDO::PARAM_STR, 57);
        $consulta->bindParam(':description', $description, PDO::PARAM_STR);
        $consulta->bindParam(':created_at', $created_at, PDO::PARAM_STR);
        $consulta->bindParam(':updated_at', $updated_at, PDO::PARAM_STR);
        $consulta->bindParam(':img_file_name', $img_file_name, PDO::PARAM_STR,255);
        $consulta->bindParam(':img_content_type', $img_content_type, PDO::PARAM_STR,255);
        $consulta->bindParam(':img_file_size', $img_file_size, PDO::PARAM_INT);
        $consulta->bindParam(':img_updated_at', $img_updated_at, PDO::PARAM_INT);
        $consulta->bindParam(':visible', $visible, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_floors', $access_floors, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_procedures', $access_procedures, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_datas', $access_procedures, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_histories', $access_procedures, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_incidences', $access_procedures, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_operations', $access_procedures, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_reports', $access_reports, PDO::PARAM_INT,1);
        $consulta->bindParam(':access_messagings', $access_messagings, PDO::PARAM_INT,1);
        $datos = array('name'=>$name,
                       'description'=>$description,
                       'created_at'=>$created_at,
                       'updated_at'=>$updated_at,
                       'img_file_name'=>$img_file_name,
                       'img_content_type'=>$img_content_type,
                       'img_file_size'=>$img_file_size,
                       'img_updated_at'=>$img_updated_at,
                       'visible'=>$visible,
                       'access_floors'=>$access_floors,
                       'access_procedures'=>$access_procedures,
                       'access_datas'=>$access_datas,
                       'access_histories'=>$access_histories,
                       'access_incidences'=>$access_incidences,
                       'access_operations'=>$access_operations,
                       'access_reports'=>$access_reports,
                       'access_messagings'=>$access_messagings
        );
        $consulta->execute($datos);
        $conector = null;
        $con = null;
        return $consulta;
    }
    catch (Exception $e)
    {
        $conector = null;
        $con = null;
        throw $e;
    }
}

正如您所看到的,我有$consulta->bindParam(':name', $name, PDO::PARAM_STR, 57);第10行: bindParam 选项,并且它允许截断57个字符的长度,但它会插入任何类型的字符,因此它会被'不截断。

2 个答案:

答案 0 :(得分:6)

length参数不用于截断。它只应在参数来自存储过程时使用,然后用于表示长度 - 不设置它。您必须在绑定变量$name之前将其截断。

PHP Manual:“数据类型的长度。要指示参数是存储过程的OUT参数,您必须明确设置长度。”

答案 1 :(得分:1)

我是怎么做到的

public static function insertSistema($name,$description,$created_at, $updated_at, $img_file_name, $img_content_type, $img_file_size, $img_updated_at, $visible, $description, $access_floors, $access_procedures, $access_datas, $access_histories, $access_incidences, $access_operations, $access_reports, $access_messagings)
{
    global $con;
    $data   = func_get_args();
    $qmarks = str_repeat('?,', count($data) - 1) . '?';
    $stmt   = $con->prepare("INSERT INTO systems VALUES (NULL,$qmarks");
    $stmt->execute($data);
}

是的 - 我也摆脱那个漫长而多风的参数列表,将其换成阵列