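I'm having a problem preparing a query. When $artistname contains an apostrophe, I get an error.
$keyword handles apostrophes just fine. What am I doing wrong, and how can I fix it?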
$keyword[':keyword'.$x] = "%".$name_single."%";
$where .= '`name` LIKE :keyword'.$x;
if ($name_count != $x) {
    $where .= ' AND ';
}
$sql = "SELECT * FROM `mixtapes` WHERE ".$where." AND name != '$artistname' ORDER BY `id` DESC LIMIT 40";
$search = $db->prepare($sql);
$search->execute($keyword);
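Answer 0 (score: 1)
Well, your prepared statement is not preparing boysname. When using a prepared statement, you put placeholders in the query and then pass the variables when you execute it. Add artistname to the array and you should be fine.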
$keyword[':keyword'.$x] = "%".$name_single."%";
$where .= '`name` LIKE :keyword'.$x;
if ($name_count != $x) {
    $where .= ' AND ';
}
$keyword[':artistname'] = $artistname;
$sql = "SELECT * FROM `mixtapes` WHERE ".$where." AND name != :artistname ORDER BY `id` DESC LIMIT 40";
$search = $db->prepare($sql);
$search->execute($keyword);
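The fix above as a complete, runnable script (an added example, not code from the original posts). It assumes the pdo_sqlite extension and an in-memory table with constructed rows. The function name `searchMixtapes` is hypothetical. The conditions are joined with implode() so an empty keyword list still produces valid SQL.

```php
<?php
// Added example: assumes pdo_sqlite; the table contents below are constructed sample data.
// searchMixtapes() is a hypothetical helper name, not from the original question.
function searchMixtapes(PDO $db, array $words, string $artistname): array
{
    $conditions = [];
    $params = [];
    foreach (array_values($words) as $x => $word) {
        // Placeholder names are generated by the code; user text only ever goes into $params.
        $conditions[] = "name LIKE :keyword$x";
        $params[":keyword$x"] = '%' . $word . '%';
    }
    // The artist name is bound like every other value instead of being concatenated
    // into the SQL string, so an apostrophe in it cannot end the string literal.
    $conditions[] = 'name != :artistname';
    $params[':artistname'] = $artistname;

    // implode() avoids a dangling AND and keeps the SQL valid when $words is empty.
    $sql = 'SELECT * FROM mixtapes WHERE ' . implode(' AND ', $conditions)
         . ' ORDER BY id DESC LIMIT 40';
    $search = $db->prepare($sql);
    $search->execute($params);
    return $search->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE mixtapes (id INTEGER PRIMARY KEY, name TEXT)');

// Constructed rows; two of them contain an apostrophe.
$insert = $db->prepare('INSERT INTO mixtapes (name) VALUES (:name)');
foreach (["DJ O'Brien", "DJ O'Brien Vol. 2", "Best of DJ Sample"] as $name) {
    $insert->execute([':name' => $name]);
}

// Both the keywords and the excluded artist name carry an apostrophe.
foreach (searchMixtapes($db, ['DJ', "O'Brien"], "DJ O'Brien") as $row) {
    echo $row['id'], ': ', $row['name'], PHP_EOL;
}
```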