dongshuobei1037 2014-04-02 20:26
浏览 64
已采纳

将MYSQL *查询转换为带占位符的PDO ready语句

Im having real trouble converting a SQL query from mysql to a PDO prepared statement. It is the following and it is used to calculate the distance between a coordinate stored in a session (the users position) and a coordinate in the database, and if it is within a radius determined by the user:

$query = "
SELECT 
* 
FROM 
first_page_data 
WHERE 
((((acos(sin((".$_SESSION['alat']."*pi()/180)) * 
sin(('geo_lat1'*pi()/180))+cos((".$_SESSION['alat']."*pi()/180)) * 
cos(('geo_lat1'*pi()/180)) * cos(((".$_SESSION['alon']."- 'geo_lon1') * 
pi()/180))))*180/pi())*60*1.1515) * (1.609344/1000)) < ".$_SESSION['aradius'];

I want to change the session variables, and the geo_lat and geo_lon variables into placeholders so I can bind the values to them but I cant for the life of me get it to work!

I dont even know how to see how im getting on because once ive replaced the variables above with placeholders (ive been using the unnamed questionmark placeholders) and then binded the values to them, I dont know how to retrieve the compiled query from $stmt before I execute it:

$stmt = db->prepare($query);
$stmt->bindValue(1, $_SESSION['alat'], PDO::PARAM_STR);
**more bindings**
$stmt->execute();
  • 写回答

1条回答 默认 最新

  • dtwvr26066 2014-04-02 20:39
    关注

    These changes are very trivial. I put in placeholder names, removed the string concatenation, and removed the incorrect quotes. It could use help with formatting, or perhaps a UDF.

    # Change string-concat for placeholders
$query = "
SELECT 
* 
FROM 
first_page_data 
WHERE 
((((acos(sin(( :lat1 *pi()/180)) * 
sin((geo_lat1*pi()/180))+cos(( :lat2 *pi()/180)) * 
cos((geo_lat1*pi()/180)) * cos((( :lon - geo_lon1) * 
pi()/180))))*180/pi())*60*1.1515) * (1.609344/1000)) < :rad";

# Bind values (PARAM_STR is default)
# While PDO does support using a named parameter multiple times
# when emulating placeholders, this is not guaranteed. To be safe,
# here the code is binding the same value to two "different" params.
$stmt = db->prepare($query);    
$stmt->bindValue(":lat1", $_SESSION['alat']);
$stmt->bindValue(":lat2", $_SESSION['alat']);
$stmt->bindValue(":lon", $_SESSION['along']);
$stmt->bindValue(":rad", $_SESSION['aradius']);

# Execute! I recommend enabling PDO Exceptions to avoid so much
# manual error-checking of result values.
$stmt->execute();

    Now, there is no direct way to see the statement with data as that's not how placeholders work - even if PDO internally emulates placeholders it's merely an implementation detail and you don't get to see it.

    However, there are various solutions to the more general task of "debugging statements" discussed in How to debug PDO database queries? (I recommend using the database logging for development as your code probably shouldn't be logging or printing queries directly.)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)
  • ¥15 AIC3204的示例代码有吗,想用AIC3204测量血氧,找不到相关的代码。