Question

我从下面的查询字符串中获取数据，其中可能未设置所有3 country, state and sub。

有时候可能

http://www.example.com/index.php?country=US&state=california&sub=sanjose

http://www.example.com/index.php?country=US&state=california

http://www.example.com/index.php?country=US

然后我这样做：

$stmt = $conn->prepare('select username from arraytest where country = :country and state = :state and sub = :sub');
    $stmt->bindParam(':country', $_GET['country']);
    $stmt->bindParam(':state', $_GET['state']);
    $stmt->bindParam(':sub', $_GET['sub'])
    $stmt->execute();

    while($rows = $stmt->fetch()) {
        echo $rows['username'];
        echo '<br>';
    }

只有当这三个都被绑定时才会起作用。如果没有收到任何一个，则不会返回任何结果。

即使所有这三个都没有绑定，是否有可能让它工作？

示例

http://www.example.com/index.php?country=US会显示

的结果

select username from arraytest where country = US

http://www.example.com/index.php?country=US&state=california会显示

的结果

select username from arraytest where country = US and state = california

http://www.example.com/index.php?country=US&state=california&sub=sanjose会显示

的结果

select username from arraytest where country = US and state=california and sub=sanjose

Answer 1

这样的事情应该这样做;

$sql = 'select username from arraytest where country = :country';

if(isset($_GET['state')) {
  $sql .= ' and state = :state';

if(isset($_GET['sub')) {
  $sql .= ' and sub = :sub';

$stmt = $conn->prepare($sql);

$stmt->bindParam(':country', isset($_GET['country']) ? $_GET['country'] : 'US');

if(isset($_GET['state')) {
  $stmt->bindParam(':state', $_GET['state']);

if(isset($_GET['sub')) {
  $stmt->bindParam(':sub', $_GET['sub']);

编辑：如果它在很多地方使用过，你可能想做一个简单的功能，比如;

function buildstmt($conn, $base, $params, $arr) {
  $prefix = ' WHERE ';
  foreach($params as $param=>$value) {
    if(isset($arr[$param])) $value = $arr[$param];
    if($value != null) {
      $base .= $prefix.$param.'=:'.$param;
      $prefix = ' AND ';
    }
  }
  $stmt = $conn->prepare($sql);
  foreach($params as $param=>$value) {
    if(isset($arr[$param])) $value = $arr[$param];
    if($value != null)
      $stmt->bindParam(':'.$param, $value);
  }
  return $stmt;
}

然后你可以把它称为;

$stmt = buildstmt($conn, 'select username from arraytest',
                  array('country'=>'US', 'state'=>null, 'sub'=>null), $_GET);
$stmt->execute();

Answer 2

准备sql条件

$sql = 'SELECT `username` FROM `arraytest` WHERE 1';

if(!empty($_GET['country'])) {
  $sql .= ' AND country = :country ';
}
if(!empty($_GET['state'])) {
  $sql .= ' AND state = :state ';
}
if(!empty($_GET['sub'])) {
  $sql .= ' AND sub = :sub ';
}

$stmt = $conn->prepare($sql);

bindParam就像这样：

if(!empty($_GET['country'])) {
  $stmt->bindParam(':country', $_GET['country']);
}
if(!empty($_GET['state'])) {
  $stmt->bindParam(':state', $_GET['state']);
}
if(!empty($_GET['sub'])) {
  $stmt->bindParam(':sub', $_GET['sub']);
}

$stmt->execute();

Answer 3

我想出了这个：

$sql = 'select userName from arraytest where ';

if(!empty($_GET['country'])){ 
    echo 'Country Set <br>';
    $sql .= 'country = :country';
    $exe[':country'] = $_GET['country'];
} else { echo 'Country not set';}

if(!empty($_GET['state'])){ 
    echo 'State Set <br>';
    $sql .= ' and state = :state';
    $exe[':state'] = $_GET['state'];
} else { echo 'State not set';}

if(!empty($_GET['sub'])){ 
    echo 'Sub Set <br>';
    $sql .= ' and sub = :sub';
    $exe[':sub'] = $_GET['sub'];
}else{ echo 'Sub not set';}

print_r($exe);
$stmt = $conn->prepare($sql);

$stmt->execute($exe);

while($rows = $stmt->fetch()) {
    echo $rows['userName'];
    echo '<br>';
}

未设置绑定参数的数据时的PHP PDO

3 个答案: