我目前在一個網站中,用戶能夠從數據庫中搜索使用許多不同的標準(以事件從一個創建一個非常簡單的搜索功能的過程許多不同的數字),而且我正在使用準備好的語句,特別是bind_param()時遇到了問題。簡單的搜索功能中,MySQL準備好的語句問題
下面是相關PHP代碼:
...
...
$title = (empty($_POST['eventTitle'])) ? null : $_POST['eventTitle'];
$venue = (empty($_POST['venue'])) ? null : $_POST['venue'];
$catID = (empty($_POST['catID'])) ? null : $_POST['catID'];
$start = (empty($_POST['start'])) ? null : $_POST['start'];
$end = (empty($_POST['end'])) ? null : $_POST['end'];
$price = (empty($_POST['price'])) ? null : $_POST['price'];
include 'database_conn.php';
$sql = 'SELECT eventID, eventTitle, venueID, catID, eventStartDate,
eventEndDate, eventPrice FROM te_events WHERE 1';
$sqlCondition = '';
$bindFirstArg = '"';
$bindSecondArg = '';
if($title !== null && !empty($title)) {
$sqlCondition = $sqlCondition . " AND eventTitle LIKE \"%"
. $title . "%\"";
}
if($venue !== null && $venue !== '0') {
$sqlCondition = $sqlCondition . " AND venueID=?";
$bindFirstArg = $bindFirstArg . "s";
$bindSecondArg = $bindSecondArg . ", " . $venue;
}
if($catID !== null && $catID !== '0') {
$sqlCondition = $sqlCondition . " AND catID=?";
$bindFirstArg = $bindFirstArg . "s";
$bindSecondArg = $bindSecondArg . ", " . $catID;
}
if($start !== null && $start !== '0') {
$sqlCondition = $sqlCondition . " AND eventStartDate=?";
$bindFirstArg = $bindFirstArg . "s";
$bindSecondArg = $bindSecondArg . ", " . $start;
}
if($end !== null && $end !== '0') {
$sqlCondition = $sqlCondition . " AND eventEndDate=?";
$bindFirstArg = $bindFirstArg . "s";
$bindSecondArg = $bindSecondArg . ", " . $end;
}
if($price !== null && !empty($price)) {
$sqlCondition = $sqlCondition . " AND eventPrice=?";
$bindFirstArg = $bindFirstArg . "i";
$bindSecondArg = $bindSecondArg . ", " . $price;
}
$sql = $sql . $sqlCondition;
$bindFirstArg = $bindFirstArg . '"';
$search_stmt = $conn -> prepare($sql);
if (false===$search_stmt) {
die('prepare() failed: ' . htmlspecialchars($conn->error));
}
$search_stmt -> bind_param($bindFirstArg, $bindSecondArg);
$search_stmt -> execute();
$search_stmt -> bind_result($eventIDRes, $eventTitleRes, $venueIDRes,
$catIDRes, $eventStartRes, $eventEndRes, $eventPriceRes);
while ($search_stmt->fetch()) {
printf ("%s %s %s %s %s %s %i\n", $eventIDRes, $eventTitleRes,
$venueIDRes, $catIDRes, $eventStartRes, $eventEndRes, $eventPriceRes);
}
mysqli_stmt_close($search_stmt);
錯誤我收到美國
警告:mysqli_stmt :: bind_param()[mysqli的-stmt.bind-PARAM]:數字類型定義字符串中元素的數量不匹配/var/www/vhosts/numyspace.co.uk/web_users/home/~unn_w12019212/public_html/webdev/ searchresult.php on line 101中綁定變量的數量「
任何想法?
您需要爲您的查詢中的每個*'?'傳遞'bind_param'參數。你只傳遞一個參數('$ bindSecondArg')。 –
MySQLi預準備語句要求您爲每個參數指定一個數據類型。 –
@RocketHazmat - $ bindSecondArg是用來裝它是根據用戶的選擇範圍內的,所以在現實中,它在其內具有多個變量的變量名的變量。 – Charlieabee