Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/60.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
PHP MYSQL不硬编码Limit子句的值时出错_Php_Mysql_Pdo - Fatal编程技术网
Fatal编程技术网
  • php/
  • PHP MYSQL不硬编码Limit子句的值时出错

PHP MYSQL不硬编码Limit子句的值时出错

php mysql

PHP MYSQL不硬编码Limit子句的值时出错,php,mysql,pdo,Php,Mysql,Pdo,在尝试使用通过$\u get[]检索的值时,我会获取并出错,尤其是$start和$end,我使用它们来限制结果的数量。每当我硬编码最底层代码中的值时,服务器都会毫无问题地获取结果。为什么我不能传递一个参数来限制使用PHP PDO为MySQL准备的语句 这就是我得到的错误 Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 10

在尝试使用通过$\u get[]检索的值时,我会获取并出错,尤其是$start和$end,我使用它们来限制结果的数量。每当我硬编码最底层代码中的值时,服务器都会毫无问题地获取结果。为什么我不能传递一个参数来限制使用PHP PDO为MySQL准备的语句

这就是我得到的错误

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]:
Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''0', '20'
                                ORDER by orders.order_placed' at line 10' in /base/data/home/apps/s~beta/1.383539951926438776/admin/get/getorderitems.php:35
Stack trace:
#0 /base/data/home/apps/s~beta/1.383539951926438776/admin/get/getorderitems.php(35): PDOStatement->execute()
#1 {main}
thrown in /base/data/home/apps/s~beta/1.383539951926438776/admin/get/getorderitems.php on line 35



<?php

error_reporting(E_ALL); ini_set('display_errors', 1);

require('../../dbconnect.php');

$stadiums_id = $_GET['stadiums_id'];
$time = $_GET['time'];
$time_12ago = $time - 43200000;  // last 12 hours
$start = 0 + $_GET['start'];  // used for limit clause
$end = $start +  20;
$page = $_GET['page'];

$json;

//  incoming order
if($page === "incoming"){
    $statement=$con->prepare('SELECT orders.*,orders_has_items.*,
                                customers.id,customers.fname,customers.lname,items.*
                                FROM orders_has_items,items,orders,customers 
                                WHERE orders.stadiums_id = :stadiums_id 
                                AND orders_has_items.items_id = items.id
                                AND orders.id = orders_has_items.orders_id
                                AND customers.id = orders.customers_id
                                AND (orders.order_prepared IS NULL) 
                                AND orders.create_time BETWEEN :time_12ago AND :time
                                ORDER by orders.order_placed
                                limit :start, :end');
    $statement->bindParam(':stadiums_id',$stadiums_id); // bind param to variable
    $statement->bindParam(':time_12ago',$time_12ago); // bind param to variable
    $statement->bindParam(':time',$time); // bind param to variable
    $statement->bindParam(':start',$start); // bind param to variable
    $statement->bindParam(':end',$end); // bind param to variable
    $statement->execute();
    $results=$statement->fetchAll(PDO::FETCH_ASSOC);
    $json=json_encode($results);
}
默认情况下,
bindParam()
将参数绑定为字符串。在将值传递给bind函数之前将其强制转换为整数,并将数据类型设置为
PDO::PARAM_INT

$statement->bindParam(':start',(int)$start, PDO::PARAM_INT)); // bind param to variable
$statement->bindParam(':end',(int)$end, PDO::PARAM_INT)); // bind param to variable
我想你是对的!它添加了单引号,我早些时候尝试将它转换为int,希望它能删除它们。我要试试他们的施法,看看能不能解决这个问题。谢谢你的链接!请参阅错误消息中的双引号,
“0”
?它被读取为字符串而不是INT。在我需要数据库连接文件
$dbconnect->setAttribute(PDO::ATTR\u EMULATE\u PREPARES,false)之后,我在右上角添加了这一行这似乎工作得很完美。增加那一行有什么问题吗?

$statement->bindParam(':start',(int)$start, PDO::PARAM_INT)); // bind param to variable
$statement->bindParam(':end',(int)$end, PDO::PARAM_INT)); // bind param to variable