下面是我的查询
public function total_registration_month($from1,$to1){
$q = $this->link->prepare('SELECT advisor, COUNT(*) as total
FROM
(
SELECT advisor
FROM training_details
WHERE ndate BETWEEN $from1 AND $to1
UNION ALL
SELECT advisor
FROM student_details
WHERE registereddate
BETWEEN $from1 AND $to1
) AS advisor
GROUP BY advisor');
$q->execute();
$count = $q->fetchall();
return $count;
}
如何将传递的from1和to1值添加到Between from date和to date。如果我直接应用变量或单独应用,它会显示错误。
当您使用PDO时,您还应该使用像这样的参数化查询
public function total_registration_month($from1,$to1){
$q = $this->link->prepare('SELECT advisor, COUNT(*) as total
FROM
(
SELECT advisor
FROM training_details
WHERE ndate BETWEEN :fromd AND :tod
UNION ALL
SELECT advisor
FROM student_details
WHERE registereddate BETWEEN :fromd1 AND :tod1
) AS advisor
GROUP BY advisor');
$params = array(':fromd' => $from1,':tod' => $to1,
':fromd1' => $from1,':tod1' => $to1);
$res = $q->execute($params);
if ( ! $res ) {
print_r( $q->errorInfo() );
exit;
}
$count = $q->fetchall();
return $count;
}
这也消除了如何将数据连接到查询中的所有问题,因为它都由PDO照看,并且还消除了从用户接收到的数据的任何SQL注入问题
public function total_registration_month($from1,$to1){
$q = $this->link->prepare("SELECT advisor, COUNT(*) as total
FROM
(
SELECT advisor
FROM training_details
WHERE ndate BETWEEN '$from1' AND '$to1'
UNION ALL
SELECT advisor
FROM student_details
WHERE registereddate
BETWEEN '$from1' AND '$to1'
) AS advisor
GROUP BY advisor");
$q->execute();
$count = $q->fetchall();
return $count;
}
如果有PDO连接,请尝试以下代码:
$q = $this->link->prepare('SELECT advisor, COUNT(*) as total
FROM
(
SELECT advisor
FROM training_details
WHERE ndate BETWEEN ? AND ?
UNION ALL
SELECT advisor
FROM student_details
WHERE registereddate
BETWEEN ? AND ?
) AS advisor
GROUP BY advisor');
$q->execute(array($from1,$to1,$from1,$to1));
$count = $q->fetchall();
注意'?'(问号)