我正在尝试更改为准备好的语句,但始终收到以下错误:
警告:PDO::query():SQLSTATE [42000]:语法错误或访问冲突:1064您有一个
SQL语法错误;检查与您的MySQL服务器版本相对应的手册,以在':fname AND 附近使用正确的语法
这是即时通讯使用的代码:
$street = 'astreet';
$lname = 'alname';
$fname = 'afname';
$list = '1,2,3,4,5';
$var = 'admin';
$db = new PDO("mysql:dbname=customers;host=localhost",$var,$var);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
$sql = "SELECT * FROM `table` WHERE `id` in ($list) AND `first_name` LIKE :fname AND `last_name` LIKE :lname AND `street_name` LIKE :street";
$stmt = $db->prepare($sql);
$stmt->execute(array(':street' => $street));
$stmt->execute(array(':fname' => $fname));
$stmt->execute(array(':lname' => $lname));
$result = $db->query($sql);
foreach ($result as $row) {
echo $row['post_code'];
}
如果我正常运行查询-而不是准备好的台词-它工作正常-仅当我开始向查询中添加:variables 时,才出现错误
是否有任何代码丢失/不正确?
谢谢
最佳答案
$stmt = $db->prepare($sql);
$stmt->execute(array(':street' => $street));
$stmt->execute(array(':fname' => $fname));
$stmt->execute(array(':lname' => $lname));
您正在运行相同的查询三次,每次使用不同的参数。您需要这样运行查询:
$stmt = $db->prepare($sql);
$stmt->execute(array(':street' => $street, ':fname' => $fname, ':lname' => $lname));
一口气传递所有三个参数。
编辑添加:
您也可以尝试显式绑定(bind)参数:
$stmt = $db->prepare($sql);
$stmt->bindParam(':street', $street);
$stmt->bindParam(':fname', $fname);
$stmt->bindParam(':lname', $lname);
$stmt->execute();
或将它们添加为数组:
$sql = "SELECT * FROM `table` WHERE `id` in ($list) AND `first_name` LIKE ? AND `last_name` LIKE ? AND `street_name` LIKE ?";
$stmt = $db->prepare($sql);
$stmt->execute(array($fname, $lname, $street));
关于php - php准备好的语句SQLSTATE [42000] : Syntax error or access violation: 1064,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/17135270/