我在php中有一个脚本。
$id=$_GET['id'];
$endTime=$_GET['endTime'];
$stmt = $con->prepare("SELECT candidateId from Attendence where candidateId=? and startTime>cast(? as time)"); //This is the problem line
$stmt->bind_param("ds", $id,$endTime);
//executing the query
$stmt->execute();
//binding results to the query
$stmt->bind_result($var);
$response = array();
$response['success']=false;
//traversing through all the result
if($stmt->fetch())
{
$response['success']=true;
$response['cand']=$var;
}
//displaying the result in json format
echo json_encode($response);
当我在网址栏中输入此字词时,它工作正常:
http://arnabbanerjee.dx.am/checkAttendenceValidity.php?id=12100116050&endTime='14:30:00'
但是当我将第3行更改为
$stmt = $con->prepare("SELECT candidateId from Attendence where candidateId=? and startTime<cast(? as time)");
并输入以下网址:
http://arnabbanerjee.dx.am/checkAttendenceValidity.php?id=12100116050&endTime='18:30:00'
它显示{“ success”:false}
这是出勤表中的条目。
12100116050(candidateId) 15:30:00(startTime) 2019-02-05 OS present 17:30:00(endTime)
有人可以告诉我如何解决此问题吗?
答案 0 :(得分:1)
删除endTime周围的单引号
http://arnabbanerjee.dx.am/checkAttendenceValidity.php?id=12100116050&endTime=18:30:00
否则,查询字符串将扩展为:
startTime<cast("'18:30:00'" as time)
强制转换结果为NULL。