dsd30433
dsd30433
2017-08-15 00:21

在sql语句中包含变量的正确方法是什么[重复]

已采纳

This question already has an answer here:

I want to include a variable in my sql statement but it's not outputting any data. How do I include a variable correctly?

$vStyles = $wpdb->get_results( 'SELECT slug from vf_venuestyles WHERE vid = "$vid"');

</div>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

3条回答

  • dongzaobei0942 dongzaobei0942 4年前

    Change the quote marks around: $vStyles = $wpdb->get_results("SELECT slug from vf_venuestyles WHERE vid = '$vid'");

    But, unless that function / class already does something magic about that, you should look into using something with proper prepared statements.

    点赞 评论 复制链接分享
  • dongyue0263 dongyue0263 4年前

    Variables only get executed if they are inside double quotes.

    Simply swap your quotation marks like this:

    $vStyles = $wpdb->get_results("SELECT slug from vf_venuestyles WHERE vid = '$vid'");
    

    Or combine the query with the variable, like this, remembering to also include the secondary quotation marks:

    $vStyles = $wpdb->get_results('SELECT slug from vf_venuestyles WHERE vid = '" . $vid . '"');
    

    Hope this helps! :)

    点赞 评论 复制链接分享
  • doushih06137 doushih06137 4年前

    The best way is to use prepared statement

    $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name, :value)");
    $stmt->bindParam(':name', $name);
    $stmt->bindParam(':value', $value);
    
    // insert line
    $name = 'one';
    $value = 1;
    $stmt->execute();
    
    点赞 评论 复制链接分享