我正在为正在处理的教程创建一个简单的搜索查询,但是失败。我收到以下错误:
警告:PDOStatement :: execute():SQLSTATE [HY093]:无效的参数 number:绑定变量的数量与中的令牌数量不匹配 C:\ xampp \ htdocs \ cms \ blog.php,第73行
我是php新手,不了解这意味着什么。谁能帮助菜鸟?
if(isset($_GET["search"])){
$search = $_GET["search"];
$sql = "SELECT * FROM posts WHERE
datetime LIKE :Search
OR title LIKE :Search
OR category LIKE :Search
OR author LIKE :Search
OR post LIKE :search";
$stmt = $connect->prepare($sql);
$stmt->bindValue(':search','%'.$search.'%');
$stmt->execute();
}
答案 0 :(得分:0)
查询中的绑定参数有错误。我建议您将代码编辑如下:
if(isset(filter_input(INPUT_GET, "search", FILTER_SANITIZE_STRING))){
//You should avoid accessing these global variables directly and use filter_input method to access them instead to make your application more secure
$search = filter_input(INPUT_GET, "search", FILTER_SANITIZE_STRING);
//Also possibly your server is case sensitive so it won't work if you use :Search for binding.
$sql = "SELECT * FROM posts WHERE
datetime LIKE :search
OR title LIKE :search
OR category LIKE :search
OR author LIKE :search
OR post LIKE :search";
$stmt = $connect->prepare($sql);
$stmt->bindValue(':search', "%{$search}%");
$stmt->execute();
}
我在上面的代码示例中添加了解释性注释。请阅读它们以获取更多说明。我希望这会有所帮助。
干杯!