PDO和SQL IN语句 [英] PDO and SQL IN statements
问题描述
我正在使用续集进行搜索,例如使用PDO
Im using a sequel for search like this using PDOs
$states = "'SC','SD'";
$sql = "select * from mytable where states in (:states)";
$params = array(':states'=>$states);
我使用我的功能
$result = $this->selectArrayAssoc($sql, $params);
其中的selectArrayAssoc功能如下
where my selectArrayAssoc function as following
public function selectArrayAssoc($sql, $params = array())
{
try {
$sth = $this->db->prepare($sql);
$sth->execute($params);
$result = $sth->setFetchMode(PDO::FETCH_ASSOC);
return $sth->fetchAll();
} catch(PDOException $e) {
print $e->getMessage();
//Log this to a file later when in production
exit;
}
}
它不带引号的变量,我认为这是抑制性的,在这种情况下如何处理.
it does not take the quoted variables, I think it is suppressing, in such cases how to deal with this.
推荐答案
通常,使用预准备语句占位符(参数绑定)时,每次出现的占位符都只包含一个变量.
When using prepared statement placeholders (parameter binding) in general, each occurrence of a placeholder holds exactly one variable.
您正尝试通过几个.发生的基本上是您的参数被转义了:您的:states 被替换为'''SC'',"SD'''或'\' SC \',\'SD \''内部,而不是仅包含所需的原始'SC','SD'.
You're trying to pass several. What's happening is basically that your parameters are escaped: Your :states is replaced with '''SC'',''SD''' or '\'SC\',\'SD\'' internally, rather than with just the raw 'SC','SD' that you want.
这篇关于PDO和SQL IN语句的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!