我有以下查询。
$mysqldb = mysqlidb_class();
$query = "select * from post where idx < ?"
然后我绑定参数并执行。
$bindvariable = array();
array_push($bindvariable, $post_photoidx);
array_push($bindvariable, $post_idx);
$res = $mysqldb->rawQuery($query, $bindvariable);
然后我收到以下错误。
Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
但是当我像下面这样更改查询时,错误消失了。
$query = "select * from post where idx = ?"
我在这里做错了什么?
这是我用于 mysql 查询的类
<?php
class MysqliDb
{
......
public function rawQuery ($query, $bindParams = null, $sanitize = true)
{
$this->_query = $query;
if ($sanitize)
$this->_query = filter_var ($query, FILTER_SANITIZE_STRING,
FILTER_FLAG_NO_ENCODE_QUOTES);
$stmt = $this->_prepareQuery();
if (is_array($bindParams) === true) {
$params = array(''); // Create the empty 0 index
foreach ($bindParams as $prop => $val) {
$params[0] .= $this->_determineType($val);
array_push($params, $bindParams[$prop]);
}
call_user_func_array(array($stmt, 'bind_param'), $this->refValues($params));
}
$stmt->execute();
$this->_stmtError = $stmt->error;
$this->reset();
return $this->_dynamicBindResults($stmt);
}
......
protected function _buildQuery($numRows = null, $tableData = null)
{
$this->_buildJoin();
$this->_buildTableData ($tableData);
$this->_buildWhere();
$this->_buildGroupBy();
$this->_buildOrderBy();
$this->_buildLimit ($numRows);
$this->_lastQuery = $this->replacePlaceHolders ($this->_query, $this->_bindParams);
if ($this->isSubQuery)
return;
// Prepare query
$stmt = $this->_prepareQuery();
// Bind parameters to statement if any
if (count ($this->_bindParams) > 1)
call_user_func_array(array($stmt, 'bind_param'), $this->refValues($this->_bindParams));
return $stmt;
}
protected function _prepareQuery()
{
if (!$stmt = $this->_mysqli->prepare($this->_query)) {
trigger_error("Problem preparing query ($this->_query) " . $this->_mysqli->error, E_USER_ERROR);
}
return $stmt;
}
protected function refValues($arr)
{
//Reference is required for PHP 5.3+
if (strnatcmp(phpversion(), '5.3') >= 0) {
$refs = array();
foreach ($arr as $key => $value) {
$refs[$key] = & $arr[$key];
}
return $refs;
}
return $arr;
}
......
} // END class
你可能不使用 array(2)。相反,请使用
$sql = "select * from post where idx < :i";
$stmt->bindparam("i", 2);
$stmt->execute();
或使用
$array = array($something,$else,$whatever);
$sql = "select * from post where idx < ?";
$stmt->bindparam("i", $array[2]);
$stmt->execute();
看起来
您没有在向查询出价参数之前准备查询。
$sql = "SELECT * FROM post WHERE idx < ?";
if($stmt = $stmt->prepare($sql)) {
$stmt->bind_param('i', 2);
$stmt->execute();
}
Santize过滤器破坏了我的SQL查询。
我已将源更改为以下内容以解决此问题。
$mysqldb->rawQuery($query, $bindvariable, false);