问题描述
我正在尝试从$_REQUEST
变量中获取的字符串执行简单的SELECT
语句,但是我的PDO语句似乎不喜欢字符串格式,为什么?
I'm trying to perform a simple SELECT
statement from a string taken from a $_REQUEST
var but it seem my PDO statement doesn't like the string format, why?
我的$_REQUEST
变量包含类似Hello+World
的字符串,因此我需要用空格替换+
才能正确执行我的SELECT
语句.
My $_REQUEST
var contains a string like Hello+World
, so I need to replace +
with whitespaces to do my SELECT
statement correctly.
// the data returned is Hello+World
$phrase = str_replace ("+", " ", $_REQUEST["my_data"]);
$phrase_select = $connection->prepare ("SELECT data_field FROM my_table WHERE phrase = ':phrase'");
$phrase_select->bindParam (":phrase", $phrase, PDO::PARAM_STR);
$phrase_select->execute ();
$data_field = $phrase_select->fetchColumn (); // return nothing
如果我使用字符串"Hello+World
"手动创建SELECT
,它可以正常工作,但是如果我使用$_REQUEST["my_data"]
进行操作,它将无法正常工作,这是我错了吗?
如果我打印$_REQUEST["my_data"]
,它将完全返回Hello+World
If I make a SELECT
manually with a string "Hello+World
", it works without problems, but if I do it with $_REQUEST["my_data"]
it won't work, where I'm wrong?
If I print $_REQUEST["my_data"]
it return exactly Hello+World
推荐答案
您不必在绑定的参数周围添加"..",pdo会为您完成
you don't have to add the '..' around your bound param, pdo will do that for you
这篇关于PdoStatement-> bindParam()上的字符串编码问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!