php - How to parametrize SQL query with multiple WHERE conditions (prepared statement)? -


i have multiple conditions in clause inputted user (call them filters). processing them way (don't worry isn't deployed):

//$by_nickname etc. filters $_get  $conditions = array();  if($by_nickname !="") {     $conditions[] = " players.lastname ('%" . $by_nickname . "%')"; }  if($by_steamid !="") {     $conditions[] = " ids.uniqueid = '$by_steamid'"; }  if($by_ip !="") {     $conditions[] = " players.lastaddress = '$by_ip'"; }  if($by_msg !="") {     $conditions[] = " chat.message ('%" . $by_msg . "%')"; }  if (count($conditions) > 0) {     $where = implode(' , ', $conditions);     $query = "select ... " . $where; } else {     $query = "select ... "; }

instead of use

$conditions[] = " ids.uniqueid = ?";

and on. obtain $where, ? instead of filter values.

query should prepared

$stmt = $mysqli->prepare("select ... $where");

and parametrized this

$stmt->bind_param('ss', $by_nickname, $by_steamid);

but how parametrize query if filters empty? simply, don't know bind_param() method arguments in advance.

i have solved problem using pdo has named parameters. here solution, hope helps somebody.

$by_nickname = $_get['nickname']; $by_steamid = $_get['steamid']; // integer $by_serverid = $_get['serverid'];  $pdo = new pdo("mysql:host=host;port=port;dbname=db;charset=utf8", "user", "password");  $conditions = array(); $parameters = array(); $where = "";  if($by_nickname !="") {     $conditions[] = " players.nickname :nickname";     $parameters[":nickname"] = "%$by_nickname%"; }  if($by_steamid !="") {     $conditions[] = " ids.steamid = :steamid";     $parameters[":steamid"] = $by_steamid; }  if($by_serverid !="") {     $conditions[] = " servers.serverid = :serverid";     // beware of correct parameter type!     $parameters[":serverid"] = intval($by_serverid); }  if (count($conditions) > 0) {     $where = implode(' , ', $conditions); }  // check if $where empty string or not $query = "select ... " . ($where != "" ? " $where" : "");  try {     if (empty($parameters))     {         $result = $pdo->query($query);     }     else     {         $statement = $pdo->prepare($query);         $statement->execute($parameters);         if (!$statement) throw new exception("query execution error.");         $result = $statement->fetchall();     } } catch(exception $ex) {     echo $ex->getmessage(); }  foreach($result $row) {   // example   echo row["<column name>"]; }

Comments

Post a Comment

Popular posts from this blog

1111. appearing after print sequence - php -

morning, i have code takes string of shoe sizes, explodes , puts in table. code works , info displayed correctly on page after table there few 1's after table. i'm confused this. so table looks (in columns of 3 on webpage) available in following sizes: 3 4 5 6 9 10 111 here's codes, purpose of example $x = 3|4|6|10|9 function get_sizes_pipe($x) { $counter = 0; $splits = explode("|",$x); asort($splits); $x = print "<table class='greentable'>"; $x .= print "<thead><tr><th scope='col' colspan='3' abbr='starter'>available in following sizes:</th></tr></thead><tbody><tr>"; foreach ($splits $split) { $entry = print "<td>".$split."</td>"; if($counter == 2){ $entry .= print "</tr><tr>"; $counter =0; } else { $counter++; ...
Read more

java - WARN : org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/board/] in DispatcherServlet with name 'appServlet' -

this question has answer here: why spring mvc respond 404 , report “no mapping found http request uri […] in dispatcherservlet”? 3 answers i trying making simple bbs i'm encountering following error, warn : org.springframework.web.servlet.pagenotfound - no mapping found http request uri [/board/] in dispatcherservlet name 'appservlet' i have tried solve error many times, have failed. how can solve error? here web.xml, controllerand , servlet-context. my web.xml <?xml version="1.0" encoding="utf-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <filter> <filter-nam...
Read more

Ruby on Rails, ActiveRecord, Postgres, UTF-8 and ASCII-8BIT encodings -

weirdest error, who’s challenge try , me? spent hours yesterday on , it’s magic. can't believe happening , it's driving me crazy. btw, using: rails 4.2.3 ruby 2.2.3 pg 0.18 encoding.default_internal = encoding.default_external = utf-8 config.encoding = 'utf-8' it has postgres, activerecord , encodings! turns out we’ve been getting these errors whenever create new users on database special characters: encoding::undefinedconversionerror: "\xc3" ascii-8bit utf-8 \xc3 may vary depending on characters. weird part we’ve set since beginning utf-8. makes no sense , digged it, , used script: user.all.each |user| user.attributes.each |name, value| if value.is_a? string puts user.email + name.encoding.to_s + value.encoding.to_s end end end and output of 1 of users, users same: dr_lottahelp@blahblah.comutf-8utf-8 dr_lottahelp@blahblah.comutf-8ascii-8bit dr_lottahelp@blahblah.comutf-8ascii-8bit dr_lottahelp@blahblah.comutf-8asci...
Read more