我正在尝试使用 PDO 预处理语句(prepared statement)来让查询更安全。我有一个可以运行的示例,但当我在数组中加入第二个变量时,问题出现在 execute() 上。MySQL v5.5.60
// Sample arguments passed to the allResults() variants shown below.
$Table = 'devices';
$Name = 'Garage Door';
不起作用
/**
 * Non-working variant: passes the table name through the :table placeholder.
 *
 * A prepared-statement placeholder stands for a data value, never for an
 * identifier such as a table or column name. With emulated prepares the bound
 * table name is substituted as a quoted string literal, which MySQL rejects
 * after FROM; with native prepares the server rejects a placeholder in that
 * position. The array syntax passed to execute() is not the cause.
 *
 * @param string $Table Table name (cannot be bound this way).
 * @param string $Name  Value compared against the Name column.
 *
 * @return mixed Whatever PDOStatement::fetch() yields for the failed query.
 */
function allResults($Table, $Name)
{
    $connection = Database::connect();
    $statement = $connection->prepare(
        "SELECT * FROM :table WHERE Name = :name ORDER BY ID DESC"
    );

    // Both entries are bound as values; only :name is in a position where a
    // value is legal SQL.
    // NOTE(review): whether the failure shows up as an exception or as a
    // false return depends on the error mode set in Database::connect(),
    // which is not shown here.
    $statement->execute([':name' => $Name, ':table' => $Table]);

    return $statement->fetch(PDO::FETCH_ASSOC);
}
不起作用
/**
 * Non-working variant using the long array() syntax for the bound parameters.
 *
 * array(...) and [...] build the same array, so this fails for the same
 * reason as the short-syntax version: :table sits where SQL expects an
 * identifier, and a placeholder can only carry a data value.
 *
 * @param string $Table Table name (cannot be bound this way).
 * @param string $Name  Value compared against the Name column.
 *
 * @return mixed Whatever PDOStatement::fetch() yields for the failed query.
 */
function allResults($Table, $Name)
{
    $connection = Database::connect();
    $query = "SELECT * FROM :table WHERE Name = :name ORDER BY ID DESC";
    $statement = $connection->prepare($query);

    // The table name is sent as a value here, which is what breaks the query.
    $boundValues = array(':name' => $Name, ':table' => $Table);
    $statement->execute($boundValues);

    return $statement->fetch(PDO::FETCH_ASSOC);
}
可以正常工作!
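/**
 * Fetch the row with the highest ID from $Table whose Name column equals $Name.
 *
 * A prepared-statement placeholder can only carry a data value, so the table
 * name has to be written into the SQL text itself. Text built by string
 * interpolation is not protected by the prepared statement, so $Table is
 * validated as a plain identifier before it is used. Where the set of tables
 * is known in advance, comparing $Table against a fixed list of allowed names
 * is the stronger check.
 *
 * @param string $Table Table name; letters, digits and underscores only.
 * @param string $Name  Value compared against the Name column (bound as :name).
 *
 * @return mixed One row as an associative array, or false when
 *               PDOStatement::fetch() has no row to return.
 *
 * @throws InvalidArgumentException When $Table is not a plain identifier.
 */
function allResults($Table, $Name)
{
    // Reject anything that is not a bare identifier before touching the
    // database; \A and \z anchor the whole string, including a trailing newline.
    if (!is_string($Table) || preg_match('/\A[A-Za-z0-9_]+\z/', $Table) !== 1) {
        throw new InvalidArgumentException('Invalid table name.');
    }

    $pdo = Database::connect();

    // Backticks mark the validated name as an identifier; :name stays a bound
    // value, so its content never becomes part of the SQL text.
    $statement = $pdo->prepare(
        "SELECT * FROM `{$Table}` WHERE Name = :name ORDER BY ID DESC"
    );
    $statement->execute([':name' => $Name]);

    // NOTE(review): fetch() returns a single row although the function is
    // named allResults; fetchAll() would return every match. Left unchanged
    // so existing callers keep receiving the same shape.
    return $statement->fetch(PDO::FETCH_ASSOC);
}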
谢谢