php pdo执行失败并出现执行错误[重复]

Question

我正在为正在完成的教程创建一个简单的搜索查询，但它失败了。我收到以下错误：

警告：PDOStatement::execute(): SQLSTATE[HY093]: 无效参数 number：绑定变量的数量与中的标记数量不匹配 C:\xampp\htdocs\cms\blog.php 第 73 行

我是 php 新手，不明白这是什么意思。任何人都可以帮助菜鸟吗？

if(isset($_GET["search"])){

              $search = $_GET["search"];

              $sql = "SELECT * FROM posts WHERE
              datetime LIKE :Search
              OR title LIKE :Search
              OR category LIKE :Search
              OR author LIKE :Search
              OR post LIKE :search";

              $stmt = $connect->prepare($sql);
              $stmt->bindValue(':search','%'.$search.'%');
              $stmt->execute();
            }

Answer 1

您的绑定参数查询有误。我建议你编辑你的代码如下：

if(isset(filter_input(INPUT_GET, "search", FILTER_SANITIZE_STRING))){

      //You should avoid accessing these global variables directly and use filter_input method to access them instead to make your application more secure
      $search = filter_input(INPUT_GET, "search", FILTER_SANITIZE_STRING);

      //Also possibly your server is case sensitive so it won't work if you use :Search for binding.
      $sql = "SELECT * FROM posts WHERE
      datetime LIKE :search
      OR title LIKE :search
      OR category LIKE :search
      OR author LIKE :search
      OR post LIKE :search";

      $stmt = $connect->prepare($sql);
      $stmt->bindValue(':search', "%{$search}%");
      $stmt->execute();
    }

我在上面的代码示例中添加了解释性 cmets。请阅读它们以获得进一步的解释。我希望这会有所帮助。

干杯！