使用%通配符的Mysqli准备语句
问题描述:
Im am trying to build a dynamic prepared statement so that I can reuse the code. I am running into a problem when using %?% in my prepared state as it used LIKE. My code is as follows:
$where = " First_Name LIKE '%?%' ";
$vals = array('Mike');
$type = 's';
$dbd = mysqli_stmt_init($dbconnection);
if (mysqli_stmt_prepare($dbd, "SELECT * FROM Contacts WHERE $where" )) {
mysqli_stmt_bind_param($dbd, $type, ...$vals);
if (!mysqli_stmt_execute($dbd)) {
echo "Execute Error: " . mysqli_error($dbconnection);
} else {
//do nothing
}
} else {
echo "Prep Error: " . mysqli_error($dbconnection);
}
mysqli_stmt_get_result($dbd);
So when I use "First_Name = ?" it works fine so I think my issue is with the '%?%'. I have searched resolutions but couldn't find anything related to my dynamic prepared statement. Thank you for any help.
我正在尝试构建一个动态预准备语句,以便我可以重用代码。 我在准备状态下使用%?%时遇到问题,因为它使用了LIKE。 我的代码如下: p>
$ where =“First_Name LIKE'%?%'”;
$ vals = array('Mike');
$ type = 's';
$ dbd = mysqli_stmt_init($ dbconnection);
if(mysqli_stmt_prepare($ dbd,“SELECT * FROM Contacts WHERE $ where”)){
mysqli_stmt_bind_param($ dbd,$ type,... $ vals);
if(!mysqli_stmt_execute($ dbd)){
echo“执行错误:”。 mysqli_error($ dbconnection);
} else {
//什么都不做
}
}其他{
echo“Prep Error:”。 mysqli_error($ dbconnection);
}
mysqli_stmt_get_result($ dbd);
code> pre>
所以当我使用“First_Name =?”时 它工作正常所以我认为我的问题是'%?%'。 我已经搜索过决议但找不到任何与我的动态准备声明有关的内容。 感谢您的帮助。 p>
div>
答
You need to bind the complete value, not just a portion of it. This means doing:
$where = "First_Name LIKE ?"
And then binding:
$vals = array('%Mike%');