为什么我不能将表名传递给准备好的PDO语句?
$stmt = $dbh->prepare('SELECT * FROM :table WHERE 1');
if ($stmt->execute(array(':table' => 'users'))) {
var_dump($stmt->fetchAll());
}
是否有另一种安全的方法将表名插入SQL查询?安全我的意思是我不想这样做
$sql = "SELECT * FROM $table WHERE 1"
I know this problem came multiple times, but i cannot find the mistake in my code. In my update-branch every $stmt->bindValue(...) returns TRUE, but i catch the pdo exception
SQLSTATE[HY093]: Invalid parameter number: parameter was not defined
Inserting a new entry works fine.
In my mysql-database the structure of table 'system' is:
id -> int(11), primary key
computer_name -> varchar(255)
cpu_speed -> int(11)
ram_size -> int(11)
mac_address -> varchar(255)
operating_system -> varchar(255)
My error-throwing code:
// Search for mac_address.
// …所以我在我的控制器中调用了我的 Laravel 模型上的这个查询
模型:
public static function predikat($masa, $ipk_yudisium){
$searchFilter = DB::select(DB::raw("SELECT
m_predikat_yudisium.keterangan
FROM m_predikat_yudisium WHERE
m_predikat_yudisium.masa_awal_berlaku <= :masa and
m_predikat_yudisium.masa_akhir_berlaku >= :masa and
m_predikat_yudisium.range_awal_ipk <= :ipk_yudisium and
m_predikat_yudisium.range_akhir_ipk >= :ipk_yudisium and
m_predikat_yudisium.group_id = 1"),
array('masa' => $masa,
'ipk_yudisium' => $ipk_yudisium
)
)
;
foreach ($searchFilter as $predikat){
return $predikat;
}
$predikat = (object) array('keterangan' => "" );
return $predikat;
}
控制器 :
$masa = $request->input('masa');
$ipk_yudisium= $request->input('ipk_yudisium');
$predikat = $data->predikat($masa, $ipk_yudisium); //$data is my model called name
但我无法执行该查询,它收到一条错误消息:
SQLSTATE[HY093]: …