构建多字LIKE为PDO查询准备语句

时间:2016-05-11 05:37:36

标签: php pdo

我正在尝试构建逻辑以创建用于PDO的多字LIKE语句。

这需要搜索字符串$ str来构建LIKE部分的多个部分:

String appPackage = "com.your.app.package";
Intent intent = new Intent(getActivity(), getActivity().getClass());
PendingIntent sender = PendingIntent.getActivity(getActivity(), 0, intent, 0);
PackageInstaller mPackageInstaller = getActivity().getPackageManager().getPackageInstaller();
mPackageInstaller.uninstall(appPackage, sender.getIntentSender());

这是SQL语句 - 将$ sql_str插入到正确的位置:

$str = $_POST['str'];

$keywords = preg_split('/[\s]+/', $str);
$totalKeywords = count($keywords);

$search = "%$str%";
$sql_str = " AND post_content LIKE :search0 ";

for($i=1 ; $i < $totalKeywords; $i++){
    $search_bit = ":search" . $i;
    $sql_str .= " AND post_content LIKE $search_bit ";
}

然后,为了绑定变量,我尝试了两种方法:

$sql = "SELECT d.ID
             , d.post_date
             , d.post_content
             , d.post_cat_id
             , d.post_label
             , c.fld_cat
          FROM tbl_log_days d
             , tbl_log_cats c
         WHERE d.post_cat_id = c.fld_id " . $sql_str . "
      ORDER BY post_date";

还有这个(没有foreach行中$关键字之前的&符号):

$stmt = $pdo->prepare($sql);

if (!empty($sql_str)) {

    foreach ($keywords as $key => &$keyword){
        $foo = '%'.$keyword.'%';
        $stmt->bindParam(':search' . $key, $foo);
    }

}

然而,当我搜索例如&#34;过去的山&#34;并检查实际运行的结果SQL(我在MySQL中启用了查询日志记录),它只占用搜索字符串中的最后一个字:

$stmt = $pdo->prepare($sql);

if (!empty($sql_str)) {

    foreach ($keywords as $key => $keyword){
        $foo = '%'.$keyword.'%';
        $stmt->bindParam(':search' . $key, $foo);
    }

}

我在运行搜索时已经完成了$ keyword变量的var_dump,它返回:

SELECT d.ID
     , d.post_date
     , d.post_content
     , d.post_cat_id
     , d.post_label
     , c.fld_cat
  FROM tbl_log_days d
     , tbl_log_cats c
 WHERE d.post_cat_id = c.fld_id  AND post_content LIKE '%past%'  AND post_content LIKE '%past%' 
  ORDER BY post_date

我无法解决这个问题。是否有可能做我想做的事情?

2 个答案:

答案 0 :(得分:0)

我会做这样的事情

for($i=1 ; $i < $totalKeywords; $i++){
  $search_num = "search" . $i;
  $search_bit = ":" . $search_num;
  $sql_str .= " AND post_content LIKE $search_bit ";
    $foo = '%'.$keyword.'%';
  $V[$search_bit] = $foo;
}

$query = $pdo->prepare($sql);
$query->execute($V);

(我还没有测试过此代码,请原谅错别字。)

答案 1 :(得分:0)

我在Sitepoint上问了同样的问题: https://www.sitepoint.com/community/t/multi-word-like-prepared-statement-for-pdo-query/223738/5

并在那里找到了解决方案:

$stmt = $pdo->prepare($sql);
if (!empty($sql_str)) {
    for ($x = 0; $x<$totalKeywords; $x++) {
    // add the percent signs, or make a new copy of the array first if you want to keep the parameters
    $keywords[$x] = "%" . $keywords[$x] . "%";  
    $stmt->bindParam(':search' . $x, $keywords[$x]);
    }
}
相关问题
最新问题