PDOStatement-> bindParam不起作用

时间:2017-07-02 09:14:48

标签: php mysql database pdo

$query->bindParam我遇到了一些麻烦。它并没有将占位符转换为值。

$options是一个数组:

$options['where'] = [
    'id'    => [ 1, 2, 3 ],
    'title' => [ 'some', 'title' ]
];
$fields = '*';
$where_clauses = []; /* define empty error which could be filled with where clauses */
/* if it is a separte blog, only posts posted by it's admin should be got */
if ( Main::$current_blog_id !== 1 )
    $where_clauses[] = '`author_id` IN(' . $this->blog->admin_id . ')';

/* if options have been passed */
if ( ! empty( $options ) ) {
    /* if there are "where" options */
    if ( ! empty( $options['where'] ) ) {
        $placeholder_number = 1; /* define placeholder number */
        $placeholders       = []; /* create array with placeholders 'placeholder_number' => 'value' */
        foreach ( $options['where'] as $field_name => $values ) {
            $field_values = []; /* values that will be used to create "IN" statement */

            /* fill $fild_values array with values */
            foreach ( $values as $value ) {
                $placeholder = ':' . $placeholder_number; /* create placeholder */

                $field_values[] = $placeholder; /* add placeholder to field values */

                $placeholders[ $placeholder ] = $value; /* add placeholer with it's value to common placeholders array */

                $placeholder_number++; /* increase placeholder number */
            }

            /* turn $fields_values array into string */
            $field_values = implode( ', ', $field_values );

            /* create clause and put it into $where_clauses */
            $where_clauses[] = '`' . $field_name . '` IN(' . $field_values . ')';
        }
    }
}

/* if where statement is empty */
$where_clauses =
    ! empty( $where_clauses ) ?
    implode( ' AND ', $where_clauses ) :
    1;

$query = Main::$data_base->pdo->prepare(
    'SELECT ' . $fields . ' ' .
    'FROM `posts` ' .
    'WHERE ' . $where_clauses . ' ' .
    'LIMIT ' . $posts_quantity . ';'
);

/* if there are placeholders in the query */
if ( ! empty( $placeholders ) ) {
    foreach ( $placeholders as $placeholder => $value )
        $query->bindParam( $placeholder, $value, PDO::PARAM_STR );
}

$query->execute();
$posts = $query->fetchAll( PDO::FETCH_ASSOC );

var_dump( $query );

return
    ! empty( $posts ) ?
    $posts :
    [];

完成所有这些后,我的打印查询如下:

SELECT * FROM `posts` WHERE `id` IN(:1, :2, :3) AND `title` IN(:4, :5) LIMIT 15;

2 个答案:

答案 0 :(得分:1)

您需要定义绑定,如...

 Array ( ':1' => 1, ':2' => 2, ':3' => 3, ':4' => 'some', ':5' => 'title' )

您的选择也不正确......

"SELECT * FROM posts WHERE id IN(:1, :2, :3) AND title IN(:4, :5) LIMIT 15;"

你必须把AND而不是&&在那里。

答案 1 :(得分:0)

PDOStatement::bindParam 不会修改您传递给PDO::prepare的查询字符串。在您执行语句并将查询发送到SQL服务器的那一刻,它将占位符替换为您绑定到它的变量的值。

这应该是你想要的:

$query = "SELECT * FROM posts WHERE id IN (:1, :2, :3) AND title IN (:4, :5) LIMIT 15;";
$statement = $db->prepare($query); // $db contains the connection to the database
$placeholders = array(':1' => 1, ':2' => 2, ':3' => 3, ':4' => 'some', ':5' => 'title');
foreach ($placeholders as $placeholder => $value) {
  $statement->bindValue($placeholder, $value, PDO::PARAM_STR);
}
$statement->execute();

请注意,我使用PDOStatement::bindValue并修改了您的SQL查询字符串(and而不是&&)。

你也可以这样做:

$query = "SELECT * FROM posts WHERE id IN (:1, :2, :3) AND title IN (:4, :5) LIMIT 15;";
$statement = $db->prepare($query);
$placeholders = array(':1' => 1, ':2' => 2, ':3' => 3, ':4' => 'some', ':5' => 'title');
$statement->execute($placeholders);

了解docs中的PDOStatement::execute