SQLSTATE [HY093]:无效的参数号 [英] SQLSTATE[HY093]: Invalid parameter number

问题描述

我在使搜索查询正常工作时遇到了一些麻烦.我得到这个错误.

I am having some trouble getting my search query to work. I get this error.

SQLSTATE [HY093]:无效的参数号

SQLSTATE[HY093]: Invalid parameter number

这是我的代码.

<?php
try{
    $sql = "SELECT * FROM `character` WHERE `name` LIKE :search  OR `play` LIKE :search";
    $query = $db->prepare($sql); 
    $query->execute(array(':search' => strip_tags($_POST['search'])));
    $result = $query->fetchAll(PDO::FETCH_ASSOC);
    foreach($result as $row){
            $name = $row['name'];
            $gender = $row['gender'];
            $id = $row['id'];
            echo "<tr>
            <td>". $name ."</td>
            <td>". $gender ."</td>
                <td><a href='characterbio.php?id=". $id ."'>". $name ."'s Bio Page</a></td>
                </tr>";
    }
}catch(PDOException $e){
     die($e->getMessage());
}
?>

请帮帮我.谢谢！

推荐答案

根据

您必须为每个要包含的值包括一个唯一的参数标记 调用PDOStatement :: execute()时传递给该语句.你 不能多次使用相同名称的命名参数标记 除非打开了仿真模式，否则准备好的语句.

You must include a unique parameter marker for each value you wish to pass in to the statement when you call PDOStatement::execute(). You cannot use a named parameter marker of the same name more than once in a prepared statement, unless emulation mode is on.

所以要么打开仿真模式

$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, TRUE);

或更改为-

$sql = "SELECT * FROM `character` WHERE `name` LIKE :search1  OR `play` LIKE :search2";
$query = $db->prepare($sql); 
$query->execute(array(':search1' => strip_tags($_POST['search']),':search2' => strip_tags($_POST['search'])));

此外，由于在查询中使用的是LIKE，因此您需要将通配符%添加到值中

Also, since you are using LIKE in your query, you will want to add wildcards % to your values

$query->execute(array(':search1' => "%".strip_tags($_POST['search'])."%",':search2' => "%".strip_tags($_POST['search'])."%"));

这篇关于SQLSTATE [HY093]:无效的参数号的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！