如何修复“使用过滤器准备的语句”

时间:2019-02-15 18:28:42

标签: php html sql filter

它只给我一个错误,但我不知道为什么。 它应该是一个网上商店的过滤系统,具有不同类别的复选框。

输出: “选择*从artikel那里(Aktiv = 1)AND(Kategorie ='1'或Kategorie ='2'或Kategorie ='3'或Kategorie ='4'或Kategorie ='5'或Kategorie ='6'或Kategorie ='7')AND(?和?之间的价格)通过ArtikelID ASC LIMIT?,?订购”。

准备失败:(0)

致命错误:未捕获错误:在C:\ xampp \ htdocs \ website \ buy_offer.php:54中对布尔值调用成员函数bind_param()堆栈跟踪:#0 {main}抛出在C:\ xampp \ htdocs中\ website \ buy_offer.php,第54行

mysqli_report: 致命错误:mysqli_sql_exception未捕获:SQL语法有错误;检查与您的MariaDB服务器版本相对应的手册以获取正确的语法,以在C的第1行的'“ SELECT * FROM artikel WHERE(Aktiv = 1)AND(Kategorie ='1'OR Kategorie ='2'OR' \ xampp \ htdocs \ website \ buy_offer.php:54堆栈跟踪:#0 C:\ xampp \ htdocs \ website \ buy_offer.php(54):mysqli-> prepare('“ SELECT * FROM ...')#1 {main}在第54行的C:\ xampp \ htdocs \ website \ buy_offer.php中抛出

$sortingInt = mysqli_real_escape_string($cxn1, strip_tags($_POST['sort']));
if($sortingInt == 1){$sorting="Preis ASC";}else if($sortingInt == 2){$sorting="Preis DESC";}else if($sortingInt == 5){$sorting="Aufrufe ASC";}else if($sortingInt == 6){$sorting="Aufrufe DESC";}else{$sorting="ArtikelID ASC";}
$sql = '"SELECT * FROM artikel WHERE (Aktiv = 1)';
$optionsSQL = "";
foreach($_POST["filter_categorie"] as $index => $option) {
    if ($optionsSQL == ""){$optionsSQL = " AND (Kategorie='";}//if it's the first detected option
    else{$optionsSQL .= "OR Kategorie='";}
    $optionsSQL .= $option."' ";
}
$sql .= $optionsSQL;
$sql .= ") AND (Preis BETWEEN ? AND ?) "; 
$sql .= ' ORDER BY ';
$sql .= $sorting;
$sql .= 'LIMIT ?,?"';
echo "$sql <br>";
if (!($stmt = $cxn1->prepare($sql))){echo "Prepare failed: (" . $cxn1->errno . ") " . $cxn1->error;}
if (!$stmt->bind_param("ddii", $priceMin, $priceMax, $start, $beitraege_pro_seite)){echo "Binding parameters failed:(" . $stmt->errno . ") " . $stmt->error;}
if (!$stmt->execute()){echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;}
if (!($result = $stmt->get_result())) {echo "Getting result set failed: (" . $stmt->errno . ") " . $stmt->error;}
$stmt->free_result();

0 个答案:

没有答案