如何在PHP中使用带有in子句的查询中使用准备好的语句
我需要做一个简单的查询如何在PHP中使用带有in子句的查询中使用准备好的语句,php,mysql,prepared-statement,Php,Mysql,Prepared Statement,我需要做一个简单的查询 $array_of_ids = array(); //poulate $array_of_ids, they don't come from another db but from Facebook //so i can't use a subquery for the IN clause $wpdb->prepare("SELECT id from table where id IN (%d, %d)", $array_of_ids [0], $array_of_
$array_of_ids = array();
//poulate $array_of_ids, they don't come from another db but from Facebook
//so i can't use a subquery for the IN clause
$wpdb->prepare("SELECT id from table where id IN (%d, %d)", $array_of_ids [0], $array_of_ids [1]);
问题是,如果数组中有200个元素,那么正确的处理方法是什么?是否必须使用200
%d$wpdb->prepare("SELECT id FROM table WHERE id IN ("
. implode(',',$array_of_ids) . ")");
preparevsprintf$wpdb->prepare("SELECT id FROM table WHERE id IN ("
. str_repeat("%d,", count($array_of_ids)-1) . "%d)" , $array_of_ids);
是的,动态sql就是这样。幸运的是,整数很容易不出错
$vals = array_filter(array_map('intval', $vals));
确保至少有一个值,然后将其内爆。这里不需要准备语句,只需执行sql即可。我不确定这是一种好方法,但您可以这样做:
$sql = "SELECT id from table where id IN ("
. implode(',', array_fill(0, count($array_of_ids), "%d"))
. ")";
call_user_func_array(array($wpdb, 'prepare'), $array_of_ids);
%d调用用户函数数组来动态执行此操作
也就是说,我不确定这是否真的是一个准备好的语句值得麻烦的情况,因为清理整数是多么容易。您可以这样做:
$query = $wpdb->prepare("SELECT id from table where id IN :param");
$query->bindParam("param", "(".implode(',', array_map('intval', $array_of_ids)).")");
因为这还没有被接受的答案,所以我将继续我的方法
将输出
SELECT id from table where id IN (0,1,1,2,3,5,8,13)
SELECT id from table where id IN (1,2,3,5,8)
当
将输出
SELECT id from table where id IN (0,1,1,2,3,5,8,13)
SELECT id from table where id IN (1,2,3,5,8)
请注意,is_int
不适用于$\u GET变量,因此使用is_numeric
来代替看看[这个问题][1]是否没有回答你的问题[1]:有点违背了准备语句的全部目的,是不是“tcha”。你可以做一个内爆(',',数组映射('intval',$array\u of_id))
以确保它们实际上是数字。公平点数;我只是好奇,你为什么不做str\u repeat(“%d”),count($array\u of_id))。“”“array\u map('intval',…)param