我的任务是使用带有准备好的select语句的PDO搜索数据库我已经给出了看起来像这样的
SELECT * FROM ? WHERE ? = '?'
我设法让PDO进行搜索但是它完全不正确,我试图使用我在这里看到的例子,但似乎没有什么工作在这里是我如何临时修复它来搜索我< / p>
try {
//Create array of prepared sql commands to select * from db tables avoiding SQL Injection
$sql = $dbh->prepare("show tables");
$sql->execute();
if ( $sql->columnCount() > 0 )
{
while ($row = $sql->fetch() )
//$sqls[ $row[0] ] = "select * from " . $row[0] . ";";
$sqls[ $row[0] ] = "select * from " . $row[0] . " where $fieldname = '?';";
$sql = $dbh->prepare($sqls[$tablename]);
$sql->execute()
}
这是我尝试使用&#34;?&#34;
try {
//Create array of prepared sql commands to select * from db tables avoiding SQL Injection
$sql = $dbh->prepare("show tables");
$sql->execute();
if ( $sql->columnCount() > 0 )
{
while ($row = $sql->fetch() )
//$sqls[ $row[0] ] = "select * from " . $row[0] . ";";
$sqls[ $row[0] ] = "select * from ? where '?' = '?';";
$sql = $dbh->prepare($sqls[$tablename]);
$sql->bindParam(1,$tablename);
$sql->bindParam(2,$fieldname);
$sql->bindParam(3,$celldata);
$sql->execute()
}
这当然没有用,我试过这个&#39;&#39;绑定参数的方法我不知道那里有什么工作[ $row[0] ]我知道这会进入表格的第一行,但不明白它适合于哪里创造像这样的东西的目标
SELECT * FROM ? WHERE ? = '?'
任何正确方向的帮助或指示都会非常感激,非常感谢