$sql = "SELECT * FROM cc_agent";
if (isset($_POST["submit"])) {
$srch = htmlspecialchars($_POST["search_user"]);
$sql .= " WHERE ";
if (empty($srch)) {
$sql = "";
} else
{
$sql .= "login LIKE '%{$srch}%' OR lastname LIKE '%{$srch}%' OR email LIKE '%{$srch}%' OR firstname LIKE '%{$srch}%'";
}
}
我想用PDO查询更改所有程序查询。我有上面的代码,它搜索了许多变量并使用通配符。任何帮助将不胜感激。
答案 0 :(得分:0)
如何创建PDO连接:http://php.net/manual/en/pdo.connections.php
您的示例查询
$srch = 'something';
$srch2 = 'otherthing';
$sth = $dbh->prepare('SELECT * FROM cc_agent WHERE login LIKE :srch OR lastname LIKE :srch2');
$sth->bindParam(':srch', '%'.$srch.'%');
$sth->bindParam(':srch2', '%'.$srch2.'%');
$sth->execute();
有关bindParam的更多有用资源:http://php.net/manual/en/pdostatement.bindparam.php
答案 1 :(得分:0)
if (isset($_POST["submit"])) {
$srch = htmlspecialchars($_POST["search_user"]);
$sql .= " WHERE ";
if (empty($srch)) {
$sql = "";
} else
{
$sql .= "login LIKE ? OR lastname LIKE ? OR email LIKE ? OR firstname LIKE ?";
}
}
$stmt = $dbh->prepare($sql);
$stmt->execute(array($srch, $srch, $srch, $srch));
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
extract($row);
echo $variable1, $variable2;
}
感谢帮助人员。尝试上面的代码,它完美地工作。干杯!