我正在尝试将mysqli联合代码转换为准备好的语句。我使用准备好的语句转换了所有其他代码,但无法转换此搜索查询。
PHP:这是我的原始代码-
$string3 = $_GET['search'];
$search_exploded = explode (" ", $string3)
foreach($search_exploded as $search_each)
{
$x++;
if($x==1)
$construct .="movie_name LIKE '%$search_each%' ";
else
$construct .="or movie_name LIKE '%$search_each%'";
}
foreach($search_exploded as $search_each2)
{
$y++;
if($y==1)
$construct2 .="show_name LIKE '%$search_each2%' AND show_name not like '$filter2'";
else
$construct2 .="or show_name LIKE '%$search_each2%' AND show_name not like '$filter2'";
}
$construct4 .="movie_name1 LIKE '$string3%'";
$getquery = mysqli_query($conn, "(SELECT '1' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo where movie_name LIKE '$string3%')
union
(SELECT '2' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo
where ($construct4) AND NOT EXISTS
(SELECT id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo where movie_name LIKE '$string3%'))
union
(SELECT '3' as sb, id,poster,show_name,show_name1,year,type,season,imdb FROM tvshows where show_name LIKE '$string3%')
union
(SELECT '4' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo
where ($construct) AND id NOT IN
(SELECT id FROM movieinfo where movie_name LIKE '$string3%' or movie_name1 LIKE '$string3%'))
union
(SELECT '5' as sb, id,poster,show_name,show_name1,year,type,season,imdb FROM tvshows where $construct2) order by sb,RAND($rand) LIMIT $start, $per_page")or die(mysqli_error());
我正在尝试将其转换为准备好的语句。我尝试了这个,但是没有用。我无法在工会中绑定多个参数。
PHP:这就是我正在尝试的
$string3 = $_GET['search'];
$search_exploded = explode (" ", $string3)
foreach($search_exploded as $search_each)
{
$x++;
if($x==1)
$construct .="movie_name LIKE ? ";
else
$construct .="or movie_name LIKE ? ";
}
foreach($search_exploded as $search_each2)
{
$y++;
if($y==1)
$construct2 .="show_name LIKE ? AND show_name not like ? ";
else
$construct2 .="or show_name LIKE ? AND show_name not like ? ";
}
$construct4 .="movie_name1 LIKE ? ";
$getquery = "(SELECT '1' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo where movie_name LIKE ? )
union
(SELECT '2' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo
where ($construct4) AND NOT EXISTS
(SELECT id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo where movie_name LIKE ? ))
union
(SELECT '3' as sb, id,poster,show_name,show_name1,year,type,season,imdb FROM tvshows where show_name LIKE ? )
union
(SELECT '4' as sb, id,poster,movie_name,movie_name1,year,type,season,imdb FROM movieinfo
where ($construct) AND id NOT IN
(SELECT id FROM movieinfo where movie_name LIKE ? or movie_name1 LIKE ? ))
union
(SELECT '5' as sb, id,poster,show_name,show_name1,year,type,season,imdb FROM tvshows where $construct2) order by sb";
if($stmt = mysqli_prepare($conn, $getquery)){
mysqli_stmt_bind_param($stmt, "sssssssss", $param_term1, $param_term1, $param_term1, $param_term1, $param_term1, $param_term1, $param_term1, $param_term1, $param_term3);
$param_term1 =$string3;
$param_term2 =$search_each;
$param_term3 =$filter;
if(mysqli_stmt_execute($stmt)){
$result = mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result) > 0){
$foundnum = mysqli_num_rows($result);
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)){
}
}
}
}
我原来的mysqli代码工作正常。请帮助我将其转换为准备好的语句。