dongxikuo5171 2013-04-16 16:41
浏览 169
已采纳

使用PDO语句更新

I am still getting my head around a PDO statement but the code below does not do what I assumed it would

  $temp = "6c ";    
  $weather_report = "Its currently $temp " ; 

  $qry = $pdo->exec("UPDATE data_weather SET text= '$weather_report' WHERE period='report' ");

This does update my database but only with 'Its currently' and the temp value is missing ,

After reading some articles I believe I need to use quote but I am not sure how to implement it ?

any help please ?

  • 写回答

2条回答 默认 最新

  • dqjo4340 2013-04-16 16:44
    关注

    Please use query parameters instead of interpolating variables into SQL strings.
    It's safer, faster, and easier.

    $temp = "6c ";    
    $weather_report = "It's currently $temp " ; 
    
    $sql = "UPDATE data_weather SET text= ? WHERE period='report'";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array($weather_report));
    

    Note that you don't need to quote the string. In fact, you must not put quotes around the ? placeholder. You can use apostrophes inside your weather report string safely.

    You can use a parameter placeholder any place you would normally put a single scalar value in an SQL expression. E.g. in place of a quoted string, quoted date, or numeric literal. But not for table names or column names, or for lists of values, or SQL keywords.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题