1. 首页
  2. 问答
  3. 有条件搜索与PDO

有条件搜索与PDO

2013-07-08 105 views
-1

我试图将以下MYSQL查询转换为PDO语句与准备和执行功能,但因为我是新的PDO我不知道,我怎么能将它转换为PDO声明!有任何想法吗?有条件搜索与PDO

$db = new PDO('mysql:dbname=MYDBNAME;host=MYHOST', 'USERNAME', 'PASSWORD'); 

$searchName = $db->quote($_GET["searchstr"]); 

$searchTerms = explode(' ', $searchName); 
$searchTermBits = array(); 

foreach ($searchTerms as $term) 
{ 
    $term = trim($term); 
    if (!empty($term)) 
      $searchTermBits[] = "f_name LIKE '%$term%' OR l_name LIKE '%$term%'"; 
    else 
      $searchTermBits[] = "f_name = '$term'"; 
} 

$mysqlResult = $db->query("SELECT * FROM food_tbl WHERE (" . implode(' OR ', $searchTermBits) . ") AND country_id = 1 ORDER BY id DESC;");

来源

2013-07-08 iSun

+0

查看文档:http://php.net/manual/de/book.pdo.php – luk2302

+0

@ luk2302我知道如何使用'PDO',我的主要问题是我无法转换上面的搜索查询到'PDO'语句查询。 – iSun

+0

您的代码段中没有PDO代码,请提供您已有的PDO代码,以便我们改进。 – luk2302

回答

2 
// sanitize and build the searchTerms from the incoming `searchstr` 
$searchTerms = !empty($_GET['searchstr']) 
      ? explode(' ', $_GET['searchTerms']) 
      : array(); 

// setup a dynamic list of arguments being passed in 
$where = array(); 
$params = array(); 
foreach ($searchTerms as $term) { 
    $term = trim($term); 
    if (!empty($term){ 
    $where[] = 'l_name LIKE ?'; 
    $params[] = $term; 
    } 
    $where[] = 'f_name ' . (empty($term) ? '=' : 'LIKE') . ' ?'; 
    $params[] = $term; 
} 

// establish a new PDO object 
$db = new PDO('...'); 

// prepare your query statement using the "static" query and a compiled 
// query built from the above loop. 
$query = $db->prepare('SELECT * ' 
        . 'FROM  food_tbl ' 
        . 'WHERE country_id = 1 ' 
        . ' AND (' . implode(' OR ', $where) . ') ' 
        . 'ORDER BY id DESC'); 
// pass in the list of parameters from the above loop to the prepared 
// statement and return the result 
$result = $query->execute($params); 

/* Work with $result */

可以动态填充$where$params为1:1参数到值列表,然后从列表$where建立您的查询,并通过在匹配$params列表。

我建议节省开了一个变量的实际查询它传递给$db->prepare()echo/var_dump它(与$params一起)之前,所以你可以看到什么是被移交给了PDO。有时候,一张图片胜过1000个单词,并且可视化它使它不像一个黑盒子,更容易理解。

来源

2013-07-08 13:29:06

+0

谢谢,但它什么也没有返回,下面是来自var_dump的SQL:'object(PDOStatement)#5(1){[“queryString”] => string(152)“SELECT * FROM food_tbl WHERE country_id = 1 AND(f_name LIKE? OR l_name LIKE?)ORDER BY id DESC;“} – iSun

+0

@iSun:看起来正确。那么'$ params'数组呢? –

+0

通过在'$ params'数组中添加%来完成。 – iSun

相关问题

 相关问题