我见过很多人得到错误SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens,但据我所知,他们的问题都没有帮助或适用于我。我确信这对我来说真的很蠢......
当我回显$ps和$ps_val(在我的db类和页面上)时,它们具有相同数量的值。我甚至会回显SQL和计数并仔细检查占位符的拼写,这一切都加起来。我甚至进入phpMyAdmin,复制粘贴我的SQL,并使用它们的值复制粘贴所有占位符,这样就可以了,所以我知道它不是SQL语法。
$ps[] = ":category";
$ps_val[] = $_GET['cat'];
if (isset($_GET['color'])){
// resort_color converts hex color into comma delimited text colors
// e.g. resort_color("#000000") returns "black, black with white trim, etc."
$colors = resort_color($_GET['color']);
if (strpos($colors, ",") >= 0){
$colors = explode(",", $colors);
$i = 0;
foreach ($colors as $color){
$color = trim($color);
if ($i == 0){
$sql_color = " AND `Color` LIKE \"%:color{$i}%\"";
$ps[] = ":color{$i}";
$ps_val[] = $color;
} else {
$sql_color = $sql_color . " OR `Color` LIKE \"%:color{$i}%\"";
$ps[] = ":color{$i}";
$ps_val[] = $color;
}
$i++;
}
} else {
$sql_color = 'AND `Color` LIKE \"%:color%\"';
$ps[] = ":color";
$ps_val[] = $colors;
}
} else {
$sql_color = "";
}
$sql[] = 'SELECT * FROM `bullet_catalog` WHERE `Category` = :category ' . $sql_color;
$sql[] = 'SELECT * FROM `leeds_catalog` WHERE `Category` = :category ' . $sql_color;
$sql[] = 'SELECT * FROM `trimark_catalog` WHERE `Category` = :category ' . $sql_color;
if ($db->query_all($sql, $ps, $ps_val)){
$products = $db->query_all($sql, $ps, $ps_val);
} else {
$products = "";
}
我的query_all功能:
public function query_all($sql, $ps="", $ps_val=""){
if (!$sql){
return false;
} else {
foreach ($sql as $ind_sql){
$query = $this->pdo->prepare($ind_sql);
if ($ps){
if (is_array($ps)){
$i = 0;
foreach ($ps as $pss){
$query->bindValue($pss, $ps_val[$i]);
$i++;
}
} else {
$query->bindValue($ps, $ps_val);
}
}
try {
$query->execute();
$result = $query->fetchAll(PDO::FETCH_ASSOC);
foreach ($result as $res){
$results[] = $res;
}
} catch (PDOException $error){
echo "<div><pre>" . print_r($error->getMessage(), true) . "</pre></div>";
}
}
if (isset($results)){
return $results;
} else {
return false;
}
}
}
PDOStatement :: debugDumpParams返回
SQL: [295] SELECT *
FROM `table`
WHERE `Category` = ":category"
AND `Color` LIKE "%:color0%"
OR `Color` LIKE "%:color1%"
OR `Color` LIKE "%:color2%"
OR `Color` LIKE "%:color3%"
OR `Color` LIKE "%:color4%"
OR `Color` LIKE "%:color5%"
OR `Color` LIKE "%:color6%"
Params: 8
Key: Name: [9] :category
paramno=-1
name=[9] ":category"
is_param=1 param_type=2
Key: Name: [7] :color0
paramno=-1
name=[7] ":color0"
is_param=1 param_type=2
Key: Name: [7] :color1
paramno=-1
name=[7] ":color1"
is_param=1 param_type=2
Key: Name: [7] :color2
paramno=-1
name=[7] ":color2"
is_param=1 param_type=2
Key: Name: [7] :color3
paramno=-1
name=[7] ":color3"
is_param=1 param_type=2
Key: Name: [7] :color4
paramno=-1
name=[7] ":color4"
is_param=1 param_type=2
Key: Name: [7] :color5
paramno=-1
name=[7] ":color5"
is_param=1 param_type=2
Key: Name: [7] :color6
paramno=-1
name=[7] ":color6"
is_param=1 param_type=2
答案 0 :(得分:1)
如果您使用PDO bindValue使用LIKE条件进行搜索,则无法将百分比和引号添加到param占位符'%:color0%'。
这是错误的:
SELECT * FROM `bullet_catalog` WHERE `color` LIKE '%:color0%'
CORRECT解决方案就是像这样使用占位符:
SELECT * FROM `bullet_catalog` WHERE `color` LIKE :color0
然后将百分比添加到存储关键字的php变量中:
$query->bindValue(':color0', "%" . $color0 . "%");
同样由于%和_未在$color0中转义,因此您应该自行转义它们。
还解释