1. 首頁
  2. 問答
  3. 錯誤SQL在PHP編寫的語句

錯誤SQL在PHP編寫的語句

2014-05-09 85 views
-1

我有下面的代碼中,即時通訊執行PHP中選擇查詢,但是我不知道準備的語句,請更正錯誤在錯誤SQL在PHP編寫的語句

<?php 
$link = mysqli_connect("localhost", "root", "", "world"); 

/* check connection */ 
if (mysqli_connect_errno()) { 
    printf("Connect failed: %s\n", mysqli_connect_error()); 
    exit(); 
} 
$lcSearcharr="Baby-Car-Seat"; 
foreach($lcSearcharr as $lcSearchWord){ 
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord); 
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord); 
    $parts[] = '`Description` LIKE "%'.$lcSearchWord.'%"'; 

} 


/* create a prepared statement */ 
if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE ('.implode ('AND',?).')')) { 
    /* bind parameters for markers */ 
    /* Assumes userid is integer and category is string */ 
    mysqli_stmt_bind_param($stmt, "s", $parts); 
    /* execute query */ 
    mysqli_stmt_execute($stmt); 
    /* bind result variables */ 
    mysqli_stmt_bind_result($stmt); 
    /* fetch value */ 
    mysqli_stmt_fetch($stmt); 
    /* Alternative, use a while: 
    while (mysqli_stmt_fetch($stmt)) { 

    } 

    mysqli_stmt_close($stmt); 
} 

/* close connection */ 
mysqli_close($link); 
?>

我在開始的變量有價值的嬰兒車座。然後即時通訊爆炸他們在一個數組,然後即時通訊執行選擇查詢即時執行使用implode函數。這個查詢是正常工作,沒有準備好的聲明,但沒有與準備statement.Please更正我的錯誤在哪裏im錯誤。

來源

2014-05-09 user3615820

+0

請同時發佈魔球的鏈接,告訴我們錯誤的描述 –

+0

錯誤幾乎肯定在這裏'implode('AND',?)' –

+0

@Hanky웃Panky -I m error is on?僅在implode函數中,但它與準備好的語句正常工作。 – user3615820

回答

0

嘗試以下操作:

$lcSearcharr="Baby-Car-Seat"; 
foreach($lcSearcharr as $lcSearchWord){ 
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord); 
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord); 
    $parts[] = $lcSearchWord; 

} 

$search = implode('|',$parts); 

if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE Description REGEXP ?')) 
{ 
    mysqli_stmt_bind_param($stmt, "s", $search); 
    mysqli_stmt_execute($stmt); 
    mysqli_stmt_bind_result($stmt); 
    mysqli_stmt_fetch($stmt); 
} 

mysqli_close($link);

它使用REGEX通過Description列檢查。

或者

$lcSearcharr="Baby-Car-Seat"; 
foreach($lcSearcharr as $lcSearchWord){ 
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord); 
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord); 
    $parts[] = "%$lcSearchWord%"; 

} 

$countSearchWords = count($parts); 

$str = str_repeat('s', $countSearchWords); 

$q = array_fill(0,$countSearchWords,'Description LIKE ?'); 
$params = implode(' AND ',$q); 

if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE '.$params)) 
{ 
    mysqli_stmt_bind_param($stmt, $str, $parts); 
    mysqli_stmt_execute($stmt); 
    mysqli_stmt_bind_result($stmt); 
    mysqli_stmt_fetch($stmt); 
} 

mysqli_close($link);

這將做你試圖做。分別添加$parts$params

('.implode ('AND',?).')是無效的語法。你不能像這樣使用?

來源

2017-10-17 12:15:47 mega6382

相關問題

 相關問題