dsnm64969 2016-07-16 18:50
浏览 63
已采纳

PDO bindParam日期不起作用

I am a beginner at PDO, I was making a php function to return search results of flights, this is my code:

$db = DB::getConnection();
$stmt = $db->prepare("SELECT * FROM `flights` WHERE `date` BETWEEN :befDate AND :aftDate 
                     AND `from` = :from 
                     AND `to` = :to 
                     AND `weight` >= :weight");
$stmt->bindParam(':befDate', $befDate, PDO::PARAM_STR);    //$befDate = '2016-07-21';
$stmt->bindParam(':aftDate', $aftDate, PDO::PARAM_STR);   //$aftDate = '2016-07-28';
$stmt->bindParam(':from', $from, PDO::PARAM_INT);
$stmt->bindParam(':to', $to, PDO::PARAM_INT);
$stmt->bindParam(':weight', $weight, PDO::PARAM_INT);
$ok = $stmt->execute();
if ($ok) {
    if ($stmt->fetchColumn()>=1) {
        $result = $stmt->fetchAll();
    }
    else{
        $result = 'nope';
    }
  return $result;
}
else{
  return false;
}

The problem is, it is always returning 0 search results. I tried to run my SQL generated through function manually in phpMyAdmin and found that problem is because the SQL being generated by PDO is: 

"SELECT * FROM `FLIGHTS` WHERE `DATE` BETWEEN 2016-07-17 AND 2016-07-25 AND `FROM` = 1237 AND `TO` = 2380 AND `WEIGHT` >= 4"

while the correct SQL from which I am getting results should be:

"SELECT * FROM `FLIGHTS` WHERE `DATE` BETWEEN '2016-07-17' AND '2016-07-25' AND `FROM` = 1237 AND `TO` = 2380 AND `WEIGHT` >= 4"

i.e, with date values between single quotes. Now if I add quotes to my SQL in PDO like:

$stmt = $db->prepare("SELECT * FROM `flights` WHERE `date` BETWEEN ':befDate' AND ':aftDate' 
                         AND `from` = :from 
                         AND `to` = :to 
                         AND `weight` >= :weight");

I get "Invalid parameter number: number of bound variables does not match number of tokens" error. Thanks for you help in advance!

UPDATE:

My "flights" table structure is:

CREATE TABLE `flights` (
  `fid` int(30) NOT NULL,
  `user_id` int(30) NOT NULL,
  `date` date NOT NULL,
  `from` int(30) NOT NULL,
  `to` int(30) NOT NULL,
  `weight` int(30) NOT NULL,
  `size` varchar(30) NOT NULL,
  `details` varchar(200) NOT NULL,
  `price` int(50) NOT NULL,
  `airline` varchar(100) NOT NULL,
  `pnr` varchar(100) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

I tried removing all quotes from query and put it in a single unbroken line as well:

$stmt = $db->prepare("SELECT * FROM flights WHERE date BETWEEN :befDate AND :aftDate AND from = :from AND to = :to AND weight >= :weight");

but still it's not working...

UPDATE 2 To determine what the SQL statement looked like after binding params with PDO (the statement without single quotes) I made a session variable same as my SQL in the beginning of the function and echoed it to view result:

$_SESSION['err'] = "SELECT * FROM flights WHERE date BETWEEN $befDate AND $aftDate 
                         AND from = $from 
                         AND to = $to 
                         AND weight >= $weight";
  • 写回答

1条回答 默认 最新

  • douhaoqiao9304 2016-07-16 19:38
    关注

    This is your primary problem:

    if ($stmt->fetchColumn()>=1) {
    $result = $stmt->fetchAll();
}
else{
    $result = 'nope';
}

    The call to fetchColumn() advances the result set past its first row. Then when you call fetchAll(), it only fetches the remaining rows. It can't go back and fetch the first row, that's lost. So if your query result had only one row, you'll never see it.

    Instead, I would suggest this code:

    $result = $stmt->fetchAll();
if (empty($result)) {
  $result = "nope";
}

    Other tips:

    Never put parameter placeholders inside quotes. If you do, they are not parameter placeholders anymore, they're just literal strings like ":befDate". These are not valid date literals.

    The parameters in an expression like BETWEEN :befDate AND :aftDate don't produce BETWEEN 2016-07-17 AND 2016-07-25 as a query. Parameters never become expressions like that, they always become a scalar value (e.g. a quoted date literal) per parameter.

    I tried your code. First I enabled the MySQL general query log:

    mysql> SET GLOBAL general_log = ON;

    Now I can see exactly what MySQL thinks is the query submitted by PDO. I ran the PHP script, and read my general query log (/var/lib/mysql/localhost.log on my virtual machine):

    160716 19:26:16     8 Connect   root@localhost on test
            8 Query SELECT * FROM `flights` WHERE `date` BETWEEN NULL AND NULL 
                     AND `from` = NULL 
                     AND `to` = NULL 
                     AND `weight` >= NULL
            8 Quit

    Ah, I forgot to set values for the variables bound to the parameters. If you had no value in any of these variables, it would explain why your result is empty, because any comparison to NULL is not true. So I edited the PHP to set sample values to the variables first.

    $befDate = '2016-07-21';
$aftDate = '2016-07-28';
$from = 1;
$to = 2;
$weight = 10;

    I ran the query again, and in the log I see the following:

    160716 19:33:17    13 Query SELECT * FROM `flights` WHERE `date` BETWEEN '2016-07-21' AND '2016-07-28' 
                     AND `from` = 1 
                     AND `to` = 2 
                     AND `weight` >= 10

    This proves that PDO does put quotes around a parameterized value (if it's a string or a date).

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • PDO bindParam日期不起作用 mysql php
    2016-07-16 18:50
    回答 1 已采纳 This is your primary problem: if ($stmt->fetchColumn()>=1) { $result = $stmt->fetchA
  • PDO bindParam在foreach中不起作用 mysql php
    2014-10-02 15:18
    回答 2 已采纳 use bindValue() instead of bindParam(). bindParam() binds to a reference, so when you execute the
  • PHP PDO - 使用bindParam INSERT INTO不起作用 mysql php
    2017-08-11 11:08
    回答 3 已采纳 Answering Question 1: PHP PDO - INSERT INTO with bindParam does not work If you're inserting
  • php 中级代码大全(本教程需要一定基础)
    2022-05-31 09:34
    易语言代码小蜜的博客 如:"aaa{$bbb}ccc" 双引号中可以将ASCII码转换为字符 "\x61" -> a // 字符串中不需0,整型中才是0x前导 "\x49\x54\x43\x41\x53\x54" -> ITCAST 将ASCII转成字符函数chr() 将字符转成ASCII函数ord() #双引号转义列表...
  • PHP pdo插入查询不起作用 mysql php
    2016-05-22 01:29
    回答 2 已采纳 You have various mistakes. 1) You are not binding your parameters correctly. To bind them correc
  • PDO bindParam更改我的字符串 php
    2013-10-23 19:06
    回答 4 已采纳 After inspecting it for a while, I found out what was the problem. The form that I got the input
  • 简单的PDO暴力查询不起作用 database mysql php
    2016-02-01 13:00
    回答 1 已采纳 From phpdoc: PDOStatement::rowCount() returns the number of rows affected by the last DELETE,
  • PHP学习笔记
    2019-10-09 04:50
    dijinggui4623的博客 仅适用于单字节字符(字母、数字、半角标点符号),像中文等不可用 $str = "abcd" ; echo $str [3]; // d echo $str {0}; // a /* 【类型操作函数】 */ // 获取/设置类型 gettype ( $var ) ...
  • PDO BindParam没有使用Like语句 mysql php
    2015-05-20 23:16
    回答 1 已采纳 Unfortunately you can't reuse same placeholder when PDO bindParam like you did: email LIKE :sch
  • PDO更新声明不起作用 php
    2013-07-31 13:22
    回答 1 已采纳 You are catching PDO exceptions but did you tell PDO to throw them? To make PDO throw exceptions
  • PDO插入BindParam mysql mysql php
    2018-03-04 13:48
    回答 1 已采纳 No, you cannot use an array with bindParam. In these cases, it is best to refer to the manual: htt
  • php基础
    2019-10-08 08:24
    dezhongyun9806的博客 define(常量名, 常量值, [区分大小写参数]) //true表示不区分/false表示区分大小写 const 常量名 = 常量值 // 新,建议 常量名可以使用特殊字符 constant($name) // 获取常量名 // 例:echo constant('-_-'); /* ...
  • PHP PDO登录过程不起作用 php sql
    2014-03-24 17:17
    回答 1 已采纳 You have a typo. You need to change following line if($password_md5 = $password_query) into fol
  • PHP 精典汇总(转载)
    2019-10-08 03:11
    aileping9605的博客 仅适用于单字节字符(字母、数字、半角标点符号),像中文等不可用 $str = "abcd" ; echo $str [3]; // d echo $str {0}; // a /* 【类型操作函数】 */ // 获取/设置类型 gettype ( $var ) ...
  • 两千行PHP学习笔记
    2019-09-25 13:39
    anbu4093的博客 define(常量名, 常量值, [区分大小写参数]) //true表示不区分/false表示区分大小写 const 常量名 = 常量值 // 新,建议 常量名可以使用特殊字符 constant($name) // 获取常量名 // 例:echo constant('-_-'); /* ...
  • PHP最全笔记
    2019-09-22 08:48
    allforever2010的博客 转换时,参数应是字符串(即不可含八进制的“0”或十六进制的“0x”) 10 dec 2 bin 8 oct 16 hex hexdec() 十六进制转十进制 也可写hex2dec() dechex() 十进制转十六进制 也可写dec2hex() bindec() 二进制转十进制 ...
  • 2019-2020 PHP面试-12家(答案全)
    2019-09-03 23:13
    筑梦悠然的博客 1、判断一个字符串A(ghtabcdef)是否包含另一个字符串B(bac),不考虑顺序。 str_split--将字符串转成数组 function actionIsInclude($a, $b) { bool $found = false; $aArr = str_split($a);//无分隔符的字符串转...
  • PHP笔记
    2019-06-01 20:52
    weixin_30306905的博客 define(常量名, 常量值, [区分大小写参数]) //true表示不区分/false表示区分大小写 const 常量名 = 常量值 // 新,建议 常量名可以使用特殊字符 constant($name) // 获取常量名  // 例:echo constant('-_-'); /...
  • PHP学习笔记收录
    2019-03-06 16:52
    锅巴胸的博客 define(常量名, 常量值, [区分大小写参数]) //true表示不区分/false表示区分大小写 const 常量名 = 常量值 // 新,建议 常量名可以使用特殊字符 constant($name) // 获取常量名 // 例:echo constant('-_-'); /* ...
  • php 基础代码大全(不断完善中)
    2018-07-15 10:42
    weixin_30764883的博客 仅适用于单字节字符(字母、数字、半角标点符号),像中文等不可用 $str = "abcd" ; echo $str [3]; // d echo $str {0}; // a /* 【类型操作函数】 */ // 获取/设置类型 gettype ( $var ) ...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?
  • ¥30 求解达问题(有红包)
  • ¥15 请解包一个pak文件