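PHP MySQL SELECT query parameter contains an ampersand (&)

Time: 2018-08-23 17:19:01

Tags: php mysql pdo

I am using PHP PDO prepared statements. I pass in a string and get records back from MySQL. I pass three variables to the method.

The query returns nothing. If I execute the same query in phpMyAdmin, it returns all the correct data. I believe it is the ampersand in the $team variable, but I don't know how to fix it. I am not using a link, and it is not a form element either. It is a direct call to the method. The values of the three parameters are: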

    $season = '2018-19';
    $league = 20;
    $team = "Texas A&M University-Kingsville"; 

Here is my method:

    public static function getTeamGames($season, $league, $team){

        $conn = parent::connect();            
        $sql = "SELECT * FROM rfw_games WHERE season = :season && 
            league = :league && home = :team";
        try {
            $st = $conn->prepare( $sql );
            $st->bindValue( ":season", $season, PDO::PARAM_STR );
            $st->bindValue( ":team", $team, PDO::PARAM_STR );
            $st->bindValue( ":league", $league, PDO::PARAM_INT );
            $st->execute();

            $games = array();
            foreach ( $st->fetchAll() as $row ) {
                $games[] = new Game( $row );
            }
            parent::disconnect( $conn);
            return $games;
        } catch (PDOException $e ) {
            parent::disconnect( $conn );
            die( "Query failed: " . $e->getMessage() );
        }
    }

    $weeklyGames = Game::getTeamGames( $season, $league, $tName );

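I would really appreciate everyone's help.

Thank you.

1 answer:

Answer 0: (score: 0)

I was able to solve this problem.

I had to use html_entity_decode on the $team parameter.

I changed the method to the following: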

        public static function getTeamGames($season, $league, $team){
          $dTeam = html_entity_decode($team);

          $conn = parent::connect();              
          $sql = "SELECT * FROM rfw_games WHERE season = :season && league = :league && home = :team";

          try {
            $st = $conn->prepare( $sql );
            $st->bindValue( ":season", $season, PDO::PARAM_STR );
            $st->bindValue( ":team", $dTeam, PDO::PARAM_STR );
            $st->bindValue( ":league", $league, PDO::PARAM_INT );
            $st->execute();
            $games = array();
            foreach ( $st->fetchAll() as $row ) {
              $games[] = new Game( $row );
            }
            parent::disconnect( $conn);
            return $games;
          } catch (PDOException $e ) {
            parent::disconnect( $conn );
            die( "Query failed: " . $e->getMessage() );
          }
       }
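
The following is an added example, not part of the original question or answer. It assumes the value reached the method HTML-encoded (`A&amp;M`), which is what the `html_entity_decode` fix implies, and shows that a bound parameter is compared literally. The in-memory SQLite database (requires `pdo_sqlite`), the constructed row and the helper `countTeamGames()` are assumptions made for the demonstration.

```php
<?php
// Constructed sample data in an in-memory SQLite database (assumption: pdo_sqlite is loaded).
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec('CREATE TABLE rfw_games (season TEXT, league INTEGER, home TEXT)');
$conn->exec("INSERT INTO rfw_games VALUES ('2018-19', 20, 'Texas A&M University-Kingsville')");

// Hypothetical helper that mirrors the WHERE clause of getTeamGames().
function countTeamGames(PDO $conn, string $season, int $league, string $team): int {
    $st = $conn->prepare(
        'SELECT COUNT(*) FROM rfw_games
         WHERE season = :season AND league = :league AND home = :team'
    );
    $st->bindValue(':season', $season, PDO::PARAM_STR);
    $st->bindValue(':league', $league, PDO::PARAM_INT);
    $st->bindValue(':team', $team, PDO::PARAM_STR);
    $st->execute();
    return (int) $st->fetchColumn();
}

$raw     = 'Texas A&M University-Kingsville';
// Simulates a value that was escaped for HTML output before reaching the query.
$encoded = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');

// The driver sends the bound string as-is: "&amp;" is five literal characters
// to the database, so the encoded value does not equal the stored name.
$hitsEncoded = countTeamGames($conn, '2018-19', 20, $encoded);
$hitsRaw     = countTeamGames($conn, '2018-19', 20, $raw);

// Decoding at the query boundary, as the answer does, restores the match.
$decoded     = html_entity_decode($encoded, ENT_QUOTES, 'UTF-8');
$hitsDecoded = countTeamGames($conn, '2018-19', 20, $decoded);

printf("encoded: %d, raw: %d, decoded: %d\n", $hitsEncoded, $hitsRaw, $hitsDecoded);

// Diagnostic: a browser renders both strings identically; the bytes differ.
printf("%s\n%s\n", bin2hex($encoded), bin2hex($raw));

// Keep the raw value for queries and encode only at the point of HTML output.
echo '<td>', htmlspecialchars($raw, ENT_QUOTES, 'UTF-8'), '</td>', PHP_EOL;
```

Printing the value with `bin2hex()` or `var_dump()` just before `bindValue()` is a quick way to confirm whether the string was escaped earlier in the request.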