在准备好的语句中使用 LIKE '%{$var}%' 的正确方法?[mysqli] [英] Correct way to use LIKE '%{$var}%' with prepared statements? [mysqli]
问题描述
这不起作用
$sql = 'SELECT * FROM `users` WHERE username LIKE \'%{?}%\' ';
警告:mysqli_stmt::bind_param():变量数与第 1 行/home/rgero/public_html/php/searchadmins.php 中准备好的语句中的参数数不匹配
Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement in /home/rgero/public_html/php/searchadmins.php on line 1
这个也不行
$sql = 'SELECT * FROM `users` WHERE username LIKE %{?}% ';
致命错误:错误的 SQL:SELECT * FROM users
WHERE username LIKE %{?}% 错误:0 in/home/rgero/public_html/php/searchadmins.php on line 1
Fatal error: Wrong SQL: SELECT * FROM users
WHERE username LIKE %{?}% Error: 0 in /home/rgero/public_html/php/searchadmins.php on line 1
我该怎么做?我正在尝试搜索玩家功能,在您输入表单时更新结果,就像谷歌在您输入时已经显示答案一样.我需要用户名 Admin ,如果你输入 dm ,它已经在包含dm"的其他用户名中显示出来.它也应该不区分大小写
How would I go about this? I'm trying to make a search for players function that updates the results as you're typing in the form, something like how google already shows answers while you're typing. I need for the username Admin , if you type dm, to show it already among other usernames that contain "dm". It should also be case insensitive
推荐答案
试试这个
$likeVar = "%" . $yourParam . "%";
$stmt = $mysqli->prepare("SELECT * FROM REGISTRY where name LIKE ?");
$stmt->bind_param("s", $likeVar);
$stmt->execute();
您只需要使用 ?
准备查询,然后使用 bind_param
绑定参数.
you need to prepare the query using simply ?
then you bind the param using bind_param
.
这篇关于在准备好的语句中使用 LIKE '%{$var}%' 的正确方法?[mysqli]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!