Php PDO仅插入最后一个绑定参数
我编写了一个pdo包装类,它带有一个查询函数,可以在执行之前自动获取一个数组并将值绑定到语句Php PDO仅插入最后一个绑定参数,php,pdo,Php,Pdo,我编写了一个pdo包装类,它带有一个查询函数,可以在执行之前自动获取一个数组并将值绑定到语句 public function query($query, $sprints = NULL) { // Add query to the last query and benchmark $bench['query'] = $query; // Prepare the statement $this->result = $this->pdo->prep
public function query($query, $sprints = NULL)
{
// Add query to the last query and benchmark
$bench['query'] = $query;
// Prepare the statement
$this->result = $this->pdo->prepare($query);
// Process our sprints and bind parameters
if(is_array($sprints))
{
// Bind our parameters
foreach($sprints as $key => $value)
{
// if we are using "?'s", then we up the keys +1
if(is_int($key)) ++$key;
// Bid the param based on its type
if(is_int($value))
{
// Bind the param
$this->result->bindParam($key, $value, \PDO::PARAM_INT);
$bench['bound'][$key] = $value;
}
else
{
// Bind the param
$this->result->bindParam($key, $value, \PDO::PARAM_STR, strlen($value));
$bench['bound'][$key] = $value;
}
}
}
// Time, and process our query
$start = microtime(true);
try {
$this->result->execute();
}
catch (\PDOException $e) {
// show error
}
$end = microtime(true);
// Get our benchmark time
$bench['time'] = round($end - $start, 5);
// Get our number of rows
$this->num_rows = $this->result->rowCount();
// Add the query to the list of queries
$this->queries[] = $bench;
// Return
return $this;
}
问题是,在Insert上,它用最后一个绑定参数替换所有的。以下是查询和结果:
INSERT INTO sessions(`token`,`ip_address`,`last_seen`,`user_data`) VALUES (?, ?, ?, ?)
绑定参数为:
[bound] => Array ( [1] => test1 [2] => 0.0.0.0 [3] => test3 [4] => test4 )
数据库中的结果是,所有4列都用test4填充。有人知道它为什么要这样做吗?不知道你的问题是什么,但为什么不干脆这样做呢
$this->result = $this->pdo->prepare($query);
$this->result->execute($sprints);
不知道你有什么问题,但为什么不干脆
$this->result = $this->pdo->prepare($query);
$this->result->execute($sprints);
使用bindValue,而不是bindParam
<?php
if ( count( $this->_params ) > 0 )
{
foreach ( $this->_params as &$param )
{
$statement->bindValue( ":{$param->name}", $param->value, $param->type );
}
}
使用bindValue,而不是bindParam
<?php
if ( count( $this->_params ) > 0 )
{
foreach ( $this->_params as &$param )
{
$statement->bindValue( ":{$param->name}", $param->value, $param->type );
}
}
我对此有点困惑。通过这种方式,swl注入的参数仍然可以被清除吗?我对此有点困惑。通过这种方式,参数是否仍然可以从swl注入中清除?