3

所以我正在尝试使用 PDO 构建和准备动态的 mysql 查询。这是我的代码和调试信息。

$allowed_filters = array('hotels.star_rating', 'countries.id');

$where = 'WHERE 1 ';
if (!empty($data['filters'])){
    $where = 'WHERE';
    foreach ($data['filters'] as $field => $value){
        if (in_array($field, $allowed_filters)){
            $where .= " $field = :$field &&";
        }
        else unset($data['filters'][$field]);
    }

    $where = rtrim($where, '&&');
    $where = ($where == 'WHERE')? 'WHERE 1 ' : $where;
}

$st = $this->db->prepare("
    SELECT 
        hotels.code,
        hotels.name as name,
        hotels.star_rating,
        hotels.description,
        hotels.cover_image,
        countries.name as country,
        cities.name as city 
    FROM  
        hotels JOIN cities ON cities.id = hotels.city_id
        join countries on countries.id = cities.country_id
    $where
");

$st->execute($data['filters']);
var_dump($st->fetch());

在 $st->execute($data['filters']) 行之前,我转储了 $st 和 $data['filters']。值如下。

$st 的价值

PDOStatement Object
(
    [queryString] => 
        SELECT 
            hotels.code,
            hotels.name as name,
            hotels.star_rating,
            hotels.description,
            hotels.cover_image,
            countries.name as country,
            cities.name as city 
        FROM  
            hotels JOIN cities ON cities.id = hotels.city_id
            join countries on countries.id = cities.country_id
        WHERE 
            hotels.star_rating = :hotels.star_rating && 
            countries.id = :countries.id 
)

$data['filters'] 的值

Array
(
    [hotels.star_rating] => 4 stars
    [countries.id] => 5
)

PDO 引发异常并失败并出现以下错误。

SQLSTATE [HY093]:无效的参数号:未定义参数'

帮助?

4

1 回答 1

1

:您忘记了键中的冒号$data['filters']。它应该是:

Array
(
    [:hotels.star_rating] => 4 stars
    [:countries.id] => 5
)
于 2012-06-24T18:47:21.670 回答