可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
In this query
select wrd from tablename WHERE wrd LIKE '$partial%'
I'm trying to bind the variable '$partial%'
with PDO. Not sure how this works with the %
at the end.
Would it be
select wrd from tablename WHERE wrd LIKE ':partial%'
where :partial
is bound to $partial="somet"
or would it be
select wrd from tablename WHERE wrd LIKE ':partial'
where :partial
is bound to $partial="somet%"
or would it be something entirely different?
回答1:
+1 karim's answer covers it. You could also say:
"SELECT wrd FROM tablename WHERE wrd LIKE CONCAT(:partial, '%')"
to do the string joining at the MySQL end, not that there's any particular reason to in this case.
Things get a bit more tricky if the partial wrd
Hopefully that doesn't affect you, but if you do need to get that case right, here's the messy solution:
$stmt= $db->prepare("SELECT wrd FROM tablename WHERE wrd LIKE :term ESCAPE '+'"); $escaped= str_replace(array('+', '%', '_'), array('++', '+%', '+_'), $var); $stmt->bindParam(':term', $escaped);
回答2:
$var = "partial%"; $stmt = $dbh->prepare("select wrd from tablename WHERE wrd LIKE :partial"); $stmt->bindParam(":partial", $var); $stmt->execute(); // or $stmt->execute(array(':partial' => $var)); without // first calling bindParam() $rs = $stmt->fetchAll();
Using question mark parameters:
$stmt = $dbh->prepare('select wrd from tablename WHERE wrd LIKE ?'); $stmt->execute(array('partial%')); $rs = $stmt->fetchAll();
http://www.php.net/manual/en/pdo.prepare.php
回答3:
You can use addcslashes before prepared statement. I tested on mysql.
$value = addcslashes($value, '%'); $stmt = $db->prepare('select * from products where description like ?'); $stmt->execute(["$value%"]);
回答4:
This is how you should do it
bindValue(':partial', '%' . $_GET['partial'] . '%');
Thanks,
Qwerty
回答5:
The below code it shows only the first keywords in the database!
"SELECT wrd FROM tablename WHERE wrd LIKE CONCAT(:partial, '%')"
Try this one if you want to search all the keywords from the database
"SELECT wrd FROM tablename WHERE wrd LIKE :partial"; $stmt->execute(array(':partial'=>'%'.$YourVarHere.'%'));
回答6:
Who has written the answare (may be karim79):
$var ="partial%" $stmt =$dbh->prepare("select wrd from tablename WHERE wrd LIKE :partial") $stmt->bindParam(":partial",$var) $stmt->execute(); //or$stmt->execute(array(':partial'=>$var)); without // first calling bindParam() $rs =$stmt->fetchAll();
Using question mark parameters:
$stmt =$dbh->prepare('select wrd from tablename WHERE wrd LIKE ?'); $stmt->execute(array('partial%')); $rs =$stmt->fetchAll();
Many thanks to him. I was searching for the code & saw many examples, but i couldn't resolve my issue. This time I have succeed to do it. I used the 'Using question mark parameters:' section of the code.
For others help, if you want to retrieve the value from a variable you may change the code to
$stmt->execute(array($variable.'%'));
instead of
$stmt->execute(array('partial%'));
Because the word 'partial' is specified in the answer and can't be changed. Thanks a lot.