我必须构建快速的pdo查询(这是非常古老的网站,使用框架是不可能的),当我输入多个搜索参数时,我遇到了问题。
(对于单个参数,它工作正常,但组合两个或多个参数将导致SQLSTATE [42000]错误。)
完成错误:
<br />
<b>Fatal error</b>: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or
access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near 'WHERE CUSTPHON.PHONE = '1230001343'
GROUP BY CUSTOMER.CUST_ID
ORDER BY CUST' at line 7' in /home/larrysii/public_html/yaclib/lib/db.php:104
db中的第104行用于执行查询:
public function execute(){
return $this->stmt->execute();
}
这里有什么问题?
我从这样的表格中获取数据(我不知道将使用哪个参数):
$searchParams = [];
if(strlen($_POST['customerName']) > 2)
$searchParams['customerName'] = strtolower(strip_tags(trim($_POST['customerName'])));
if(strlen($_POST['cardNumber']) == 7)
$searchParams['cardNumber'] = strtolower(strip_tags(trim($_POST['cardNumber'])));
if(strlen($_POST['phoneNumber']) > 3)
$searchParams['cardNumber'] = strtolower(strip_tags(trim($_POST['phoneNumber'])));
if(strlen($_POST['customerAddress']) > 3)
$searchParams['customerAddress'] = strtolower(strip_tags(trim($_POST['customerAddress'])));
if(strlen($_POST['customerEmail']) > 2)
$searchParams['customerEmail'] = strtolower(strip_tags(trim($_POST['customerEmail'])));
这就是我查询的方式:
$queryArray = [];
foreach($searchParams as $key => $value):
switch ($key):
case 'customerName':
$queryArray['customerName'] = " WHERE LOWER(CUSTOMER.LAST_NAME) LIKE ? ";
break;
case 'cardNumber':
$queryArray['cardNumber'] = " WHERE CUSTPHON.PHONE = ? ";
break;
case 'phoneNumber':
$queryArray['cardNumber'] = " WHERE CUSTPHON.PHONE = ? ";
break;
case 'customerAddress':
$queryArray['customerAddress'] = " WHERE LOWER(CUSTADDR.ADDRESS) LIKE ? ";
break;
case 'customerEmail':
$queryArray['customerEmail'] = " WHERE LOWER(CUSTOMER.EMAIL) LIKE ? ";
break;
endswitch;
endforeach;
获取查询:
$queryString = implode(' OR ', $queryArray);
$query1 = "SELECT CUSTOMER.LAST_NAME,CUSTOMER.DOB,CUSTOMER.EMAIL,CUSTPHON.PHONE,CUSTOMER.CUST_ID,CUSTOMER.DATE_LAST,CUSTOMER.ORD_COUNT
FROM CUSTOMER
RIGHT JOIN CUSTPHON
ON CUSTOMER.CUST_ID=CUSTPHON.CUST_ID
RIGHT JOIN CUSTADDR
ON CUSTOMER.CUST_ID=CUSTADDR.CUST_ID
{$queryString}
GROUP BY CUSTOMER.CUST_ID
ORDER BY CUSTOMER.LAST_NAME
";
$pdo->prepareQuery($query1);
$i = 1;
foreach($searchParams as $key => $value):
switch ($key):
case 'cardNumber':
$cardNumber = $value;
if(strlen($value) == 7)
$cardNumber = '123' . (string)$value;
$pdo->bind($i, $cardNumber);
break;
case 'customerName':
case 'customerEmail':
case 'customerAddress':
$pdo->bind($i, "%$value%");
break;
endswitch;
$i++;
endforeach;
答案 0 :(得分:1)
错误似乎是您有多个WHERE子句。
尝试使用它来构建WHERE子句:
$queryArray = [];
foreach($searchParams as $key => $value):
switch ($key):
case 'customerName':
$queryArray['customerName'] = " LOWER(CUSTOMER.LAST_NAME) LIKE ? ";
break;
case 'cardNumber':
$queryArray['cardNumber'] = " CUSTPHON.PHONE = ? ";
break;
case 'phoneNumber':
$queryArray['cardNumber'] = " CUSTPHON.PHONE = ? ";
break;
case 'customerAddress':
$queryArray['customerAddress'] = " LOWER(CUSTADDR.ADDRESS) LIKE ? ";
break;
case 'customerEmail':
$queryArray['customerEmail'] = " LOWER(CUSTOMER.EMAIL) LIKE ? ";
break;
endswitch;
endforeach;
这样可以构建您的查询:
$queryString = implode(' AND ', $queryArray); // Or you can use ' OR ', depending on what results you want
$query1 = 'SELECT CUSTOMER.LAST_NAME,CUSTOMER.DOB,CUSTOMER.EMAIL,CUSTPHON.PHONE,CUSTOMER.CUST_ID,CUSTOMER.DATE_LAST,CUSTOMER.ORD_COUNT
FROM CUSTOMER
RIGHT JOIN CUSTPHON
ON CUSTOMER.CUST_ID=CUSTPHON.CUST_ID
RIGHT JOIN CUSTADDR
ON CUSTOMER.CUST_ID=CUSTADDR.CUST_ID
' . ($queryString != '' ? ' WHERE ' . $queryString : '') . '
GROUP BY CUSTOMER.CUST_ID
ORDER BY CUSTOMER.LAST_NAME
';