php中sql准备语句中的错误
我有以下代码,其中我在php中执行select查询,但我不知道准备好的语句,请更正其中的错误php中sql准备语句中的错误,php,mysql,sql,Php,Mysql,Sql,我有以下代码,其中我在php中执行select查询,但我不知道准备好的语句,请更正其中的错误 <?php $link = mysqli_connect("localhost", "root", "", "world"); /* check connection */ if (mysqli_connect_errno()) { printf("Connect failed: %s\n", mysqli_connect_error()); exit(); } $lcSearc
<?php
$link = mysqli_connect("localhost", "root", "", "world");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$lcSearcharr="Baby-Car-Seat";
foreach( $lcSearcharr as $lcSearchWord ){
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord);
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord);
$parts[] = '`Description` LIKE "%'.$lcSearchWord.'%"';
}
/* create a prepared statement */
if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE ('.implode ('AND',?).')')) {
/* bind parameters for markers */
/* Assumes userid is integer and category is string */
mysqli_stmt_bind_param($stmt, "s", $parts);
/* execute query */
mysqli_stmt_execute($stmt);
/* bind result variables */
mysqli_stmt_bind_result($stmt);
/* fetch value */
mysqli_stmt_fetch($stmt);
/* Alternative, use a while:
while (mysqli_stmt_fetch($stmt)) {
}
mysqli_stmt_close($stmt);
}
/* close connection */
mysqli_close($link);
?>
开始时我有一个变量,其值为baby-car-seat。然后我将它们分解成一个数组,然后我执行select查询,我使用内爆函数执行该查询。此查询在没有预处理语句的情况下正常工作,但在预处理语句的情况下正常工作。请更正我错误的地方。尝试以下操作:
$lcSearcharr="Baby-Car-Seat";
foreach( $lcSearcharr as $lcSearchWord ){
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord);
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord);
$parts[] = $lcSearchWord;
}
$search = implode('|',$parts);
if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE Description REGEXP ?'))
{
mysqli_stmt_bind_param($stmt, "s", $search);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt);
mysqli_stmt_fetch($stmt);
}
mysqli_close($link);
这将使用REGEX
检查Description
列
或
这会做你想做的事。分别添加$parts
和$params
('.intlode('AND',?)。)
是无效语法。您不能像那样使用?
。请同时发布指向魔法球的链接,它将告诉我们错误描述错误几乎肯定就在这里内爆('AND',?)
@Hanky웃潘基,我有错误吗?仅在内爆函数中,但它与准备好的语句一起正确工作。请参阅下面的链接,该链接可帮助您解决问题。
$lcSearcharr="Baby-Car-Seat";
foreach( $lcSearcharr as $lcSearchWord ){
$lcSearchWord = mysqli_real_escape_string($mysqli, $lcSearchWord);
$lcSearchWord = preg_replace('/%/', '\%', $lcSearchWord);
$parts[] = "%$lcSearchWord%";
}
$countSearchWords = count($parts);
$str = str_repeat('s', $countSearchWords);
$q = array_fill(0,$countSearchWords,'Description LIKE ?');
$params = implode(' AND ',$q);
if ($stmt = mysqli_prepare($link, 'SELECT * FROM xml WHERE '.$params))
{
mysqli_stmt_bind_param($stmt, $str, $parts);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt);
mysqli_stmt_fetch($stmt);
}
mysqli_close($link);