使用PDO进行插入和the_geom [英] Using PDO for an insert and the_geom
问题描述
我正在将代码切换到PDO,以提高安全性.我的插入将起作用,直到添加创建空间数据的特殊列为止.请参阅以下有关有效的标准插入内容,有关无效内容的信息,请参见以下第二页.
I'm switching my code to PDO for increased security. My insert works until I add a special column that create spatial data. See below for the standard insert that works, and 2nd below for what is not working.
$sql = "INSERT INTO sites_tbl (sitename, the_geom) VALUES ('$_POST[sitename]', st_geomfromtext('POINT($geomstring)',27700))";
geomstring =格式化为000000 000000的数字
The geomstring = a number formatted 000000 000000
使用PDO时,如果我只想插入站点名称,而不是在执行the_geom时,则使用相同的插入类似(如下)的效果.值325123 215432最终将是一个变量,但现在我正在测试列出.
Using PDO the same insert looks something like (below) this works if I just want to insert the sitename, but not when I do the_geom. The value 325123 215432 will eventually be a variable, but for now I'm testing list this.
$stmt5 = $conn ->prepare(
"INSERT INTO sites_tbl (sitename, river_id, group_id, accepted_site, the_geom, bmwp_threshold) VALUES (?, ?, ?, ?, ?, ?)");
$stmt5->bindParam(1, $sitename);
$stmt5->bindParam(2, $river_id);
$stmt5->bindParam(3, $group_id);
$stmt5->bindParam(4, $accepted_site);
$stmt5->bindParam(5, $geomstring3);
$stmt5->bindParam(6, $bmwp_threshold);
$geomstring2 = "'POINT(635230 352120)'";
$geomstring3 = st_geomfromtext($geomstring2, 27700);
推荐答案
您不能
绑定
任意
SQL部分
使用
已准备
声明
you cannot
bind
an arbitrary
SQL part
using
prepared
statement
但字符串
或数字
文字
只要.
but string
or numeric
literal
only.
$geomstring4 = "'POINT(325123 215432)'";
$stmt5 = $conn ->prepare(
"INSERT INTO sites_tbl (sitename, the_geom) VALUES (?, st_geomfromtext(?,27700)))");
$stmt5->bindParam(1, $sitename);
$stmt5->bindParam(2, $geomstring4);
这篇关于使用PDO进行插入和the_geom的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!