我尝试使用PDO创建高级搜索表单,但无法理解如何在预准备语句中传递绑定变量。
我甚至不确定这是否正确,需要一些帮助来完成它。
所以在表单上我有一个输入字段,它在3列中搜索+另外两个下拉列表,它们是添加搜索但不是必需的。这是形式:
<form class="form-horizontal" name="form-horizontal" action="" method="post" role="form">
<div class="container-fluid">
<div class="row">
<h2>Enter the text which you want to search</h2>
<div class="col-md-8">
<div id="custom-search-input">
<div class="input-group col-md-12">
<input type="text" class="form-control input-lg" placeholder="Search in title, description or keywords" name="tdkey"/>
<span class="input-group-btn">
<button class="btn btn-info btn-lg" type="submit" name="submit">
<i class="glyphicon glyphicon-search"></i>
</button>
</span>
</div>
</div>
</div>
<div class="col-md-4">
<button type="button" class="btn btn-primary btn-lg" data-toggle="collapse" data-target="#filter-panel">
<span class="glyphicon glyphicon-cog"></span> Advanced Search
</button>
</div>
</div>
</div>
<div id="filter-panel" class="collapse filter-panel">
<div class="container-fluid">
<div class="row">
<div class="col-md-3">
<h4>Select by Category</h4>
<?php
$pdo = Database::connect();
$sql="SELECT field_name FROM form_fields WHERE group_id=6";
echo '<select class="form-control" name="upload_category" id="select2">';
foreach ($pdo->query($sql) as $upload_category){
echo '<option value='.$upload_category['field_name'].'>'.$upload_category['field_name'].'</option>';
}
echo '</select>';
?>
</div>
<div class="col-md-3">
<h4>Select by Program</h4>
<?php
$pdo = Database::connect();
$sql="SELECT field_name FROM form_fields WHERE group_id=1";
echo '<select class="form-control" name="upload_program" id="select2">';
foreach ($pdo->query($sql) as $row_program){
echo '<option value='.$row_program['field_name'].'>'.$row_program['field_name'].'</option>';
}
echo '</select>';
?>
</div>
这是我在PHP部分的尝试
if(isset($_POST["submit"])){
$query = "";
$tdkey = $_POST["tdkey"];
$upload_program = $_POST["upload_program"];
$upload_category = $_POST["upload_category"];
if(isset($tdkey)){ // if tdkey is set select here
$query = "SELECT * FROM document_upload WHERE upload_title LIKE :search_title OR upload_description LIKE :search_description OR upload_keywords LIKE :search_keywords";
if(isset($upload_category)){ // also if category is set add this to query
$query .= "AND upload_category LIKE :search_category";
}
if(isset($upload_program)){ // also if program is set add this
$query .= "AND upload_program LIKE :search_program";
}
} else if (isset($upload_category)){ // if tdkey isn't set go here
$query = "SELECT * FROM document_upload WHERE upload_category LIKE :search_category";
if(isset($upload_program)){ // add this also if program is set to category
$query .= "AND upload_program LIKE :upload_program";
}
} else if (isset($upload_program)){ // if only country is set go here
$query = "SELECT * FROM document_upload WHERE upload_program LIKE :search_program";
}
$stmt = $pdo->prepare($query);
$stmt->bindValue(":search_title", "%" . $tdkey . "%");
$stmt->bindValue(":search_description", "%" . $tdkey . "%");
$stmt->bindValue(":search_keywords", "%" . $tdkey . "%");
$stmt->bindValue(":search_category", "%" . $upload_category . "%");
$stmt->bindValue(":search_program", "%" . $upload_program . "%");
$stmt->execute();
$result = $stmt->fetchAll();
if ($stmt->rowCount() > 0) {
//results
}
错误是
警告:PDOStatement :: execute():SQLSTATE [HY093]:参数号无效:绑定变量数与令牌数不匹配 每次查询后我都需要绑定变量吗?或者有更多&#34;智能&#34;这样做的方法?
主要目标是从字段中搜索文本,描述和关键字,以及是否需要添加某些程序或类别。而且我认为最好的方法就像我在google上做一些研究时发现的那样 - 动态创建sql ...
答案 0 :(得分:0)
你有一些仅在某些条件下需要的参数,然后试图将它们全部绑定。
可能值得设置一个params数组并在相关条件下添加所需的参数。
您可以使用foreach将它们绑定到语句。
类似的东西:
$query = '';
$params = [];
if(isset($search_term_value)){
$query= 'SELECT * FROM example WHERE term LIKE :search_term';
$params['search_term'] = '%'.$search_term_value.'%';
}
$stmt = $pdo->prepare($query);
foreach($params as $key=>$value){
$stmt->bindValue(':'.$key, $value);
}
$stmt->execute();
另外,我很确定
AND upload_program LIKE :upload_program
应该阅读
AND upload_program LIKE :search_program