SQLSTATE [HY093]:无效的参数号 [英] SQLSTATE[HY093]: Invalid parameter number
问题描述
我在使搜索查询正常工作时遇到了一些麻烦.我得到这个错误.
I am having some trouble getting my search query to work. I get this error.
SQLSTATE [HY093]:无效的参数号
SQLSTATE[HY093]: Invalid parameter number
这是我的代码.
<?php
try{
$sql = "SELECT * FROM `character` WHERE `name` LIKE :search OR `play` LIKE :search";
$query = $db->prepare($sql);
$query->execute(array(':search' => strip_tags($_POST['search'])));
$result = $query->fetchAll(PDO::FETCH_ASSOC);
foreach($result as $row){
$name = $row['name'];
$gender = $row['gender'];
$id = $row['id'];
echo "<tr>
<td>". $name ."</td>
<td>". $gender ."</td>
<td><a href='characterbio.php?id=". $id ."'>". $name ."'s Bio Page</a></td>
</tr>";
}
}catch(PDOException $e){
die($e->getMessage());
}
?>
请帮帮我.谢谢!
推荐答案
您必须为每个要包含的值包括一个唯一的参数标记 调用PDOStatement :: execute()时传递给该语句.你 不能多次使用相同名称的命名参数标记 除非打开了仿真模式,否则准备好的语句.
You must include a unique parameter marker for each value you wish to pass in to the statement when you call PDOStatement::execute(). You cannot use a named parameter marker of the same name more than once in a prepared statement, unless emulation mode is on.
所以要么打开仿真模式
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, TRUE);
或更改为-
$sql = "SELECT * FROM `character` WHERE `name` LIKE :search1 OR `play` LIKE :search2";
$query = $db->prepare($sql);
$query->execute(array(':search1' => strip_tags($_POST['search']),':search2' => strip_tags($_POST['search'])));
此外,由于在查询中使用的是LIKE
,因此您需要将通配符%
添加到值中
Also, since you are using LIKE
in your query, you will want to add wildcards %
to your values
$query->execute(array(':search1' => "%".strip_tags($_POST['search'])."%",':search2' => "%".strip_tags($_POST['search'])."%"));
这篇关于SQLSTATE [HY093]:无效的参数号的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!