mysql PDO how to bind LIKE

匿名 (未验证) 提交于 2019-12-03 01:27:01

问题:

In this query

select wrd from tablename WHERE wrd LIKE '$partial%' 

I'm trying to bind the variable '$partial%' with PDO. Not sure how this works with the % at the end.

Would it be

select wrd from tablename WHERE wrd LIKE ':partial%' 

where :partial is bound to $partial="somet"

or would it be

select wrd from tablename WHERE wrd LIKE ':partial' 

where :partial is bound to $partial="somet%"

or would it be something entirely different?

回答1:

+1 karim's answer covers it. You could also say:

"SELECT wrd FROM tablename WHERE wrd LIKE CONCAT(:partial, '%')" 

to do the string joining at the MySQL end, not that there's any particular reason to in this case.

Things get a bit more tricky if the partial wrd

Hopefully that doesn't affect you, but if you do need to get that case right, here's the messy solution:

$stmt= $db->prepare("SELECT wrd FROM tablename WHERE wrd LIKE :term ESCAPE '+'"); $escaped= str_replace(array('+', '%', '_'), array('++', '+%', '+_'), $var); $stmt->bindParam(':term', $escaped); 


回答2:

$var = "partial%"; $stmt = $dbh->prepare("select wrd from tablename WHERE wrd LIKE :partial"); $stmt->bindParam(":partial", $var); $stmt->execute(); // or $stmt->execute(array(':partial' => $var)); without                    // first calling bindParam() $rs = $stmt->fetchAll(); 

Using question mark parameters:

$stmt = $dbh->prepare('select wrd from tablename WHERE wrd LIKE ?'); $stmt->execute(array('partial%')); $rs = $stmt->fetchAll(); 

http://www.php.net/manual/en/pdo.prepare.php



回答3:

You can use addcslashes before prepared statement. I tested on mysql.

$value = addcslashes($value, '%'); $stmt = $db->prepare('select * from products where description like ?'); $stmt->execute(["$value%"]); 


回答4:

This is how you should do it

bindValue(':partial', '%' . $_GET['partial'] . '%'); 

Thanks,

Qwerty



回答5:

The below code it shows only the first keywords in the database!

"SELECT wrd FROM tablename WHERE wrd LIKE CONCAT(:partial, '%')" 

Try this one if you want to search all the keywords from the database

"SELECT wrd FROM tablename WHERE wrd LIKE :partial"; $stmt->execute(array(':partial'=>'%'.$YourVarHere.'%')); 


回答6:

Who has written the answare (may be karim79):

$var ="partial%" $stmt =$dbh->prepare("select wrd from tablename WHERE wrd LIKE :partial") $stmt->bindParam(":partial",$var) $stmt->execute(); //or$stmt->execute(array(':partial'=>$var)); without                    // first calling bindParam() $rs =$stmt->fetchAll(); 

Using question mark parameters:

$stmt =$dbh->prepare('select wrd from tablename WHERE wrd LIKE ?'); $stmt->execute(array('partial%')); $rs =$stmt->fetchAll(); 

Many thanks to him. I was searching for the code & saw many examples, but i couldn't resolve my issue. This time I have succeed to do it. I used the 'Using question mark parameters:' section of the code.

For others help, if you want to retrieve the value from a variable you may change the code to

$stmt->execute(array($variable.'%')); 

instead of

$stmt->execute(array('partial%')); 

Because the word 'partial' is specified in the answer and can't be changed. Thanks a lot.



标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!