问题
I'm trying to perform a simple SELECT statement from a string taken from a $_REQUEST var but it seem my PDO statement doesn't like the string format, why?
My $_REQUEST var contains a string like Hello+World, so I need to replace + with whitespaces to do my SELECT statement correctly.
// the data returned is Hello+World
$phrase = str_replace ("+", " ", $_REQUEST["my_data"]);
$phrase_select = $connection->prepare ("SELECT data_field FROM my_table WHERE phrase = ':phrase'");
$phrase_select->bindParam (":phrase", $phrase, PDO::PARAM_STR);
$phrase_select->execute ();
$data_field = $phrase_select->fetchColumn (); // return nothing
If I make a SELECT manually with a string "Hello+World", it works without problems, but if I do it with $_REQUEST["my_data"] it won't work, where I'm wrong?
If I print $_REQUEST["my_data"] it return exactly Hello+World
回答1:
you don't have to add the '..' around your bound param, pdo will do that for you
来源:https://stackoverflow.com/questions/2214220/string-encoding-problem-on-pdostatement-bindparam