MySQL WHERE 'all' 当没有提供值时
MySQL WHERE 'all' when no value supplied
我正在编写一个工具来搜索我数据库中的不同记录,您必须在其中指定年份。但是,如果没有输入年份值,或者等于零,我希望能够 select 所有记录。
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = ?");
$stmt->bind_param("i", $year);
我曾尝试执行 if 语句,但它们失败了,因为 bind_param 中的参数多于查询中的空格,m.sh:
$stmt = $mysqli->prepare("SELECT *
FROM performances
. (($year != 0) ? " WHERE year = ? " : " ")
. "");
$stmt->bind_param("i", $year);
谢谢
您可以通过不同的方式实现这一点,例如:
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = :year or 0 = :year");
$stmt->bind_param("year", $year);
ShyForNow 有一个很好的答案。我还建议验证进入 SQL:
的输入
$year = sprintf("%d", $year); -- or even throw exception if $year is not numeric
if ($year > 0) -- or could also write if ($year >= $minAcceptableYear and $year <= $maxAcceptableYear)
{
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = ?");
$stmt->bind_param("i", $year);
}
else
{
$stmt = $mysqli->prepare("SELECT * FROM performances");
}
我正在编写一个工具来搜索我数据库中的不同记录,您必须在其中指定年份。但是,如果没有输入年份值,或者等于零,我希望能够 select 所有记录。
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = ?");
$stmt->bind_param("i", $year);
我曾尝试执行 if 语句,但它们失败了,因为 bind_param 中的参数多于查询中的空格,m.sh:
$stmt = $mysqli->prepare("SELECT *
FROM performances
. (($year != 0) ? " WHERE year = ? " : " ")
. "");
$stmt->bind_param("i", $year);
谢谢
您可以通过不同的方式实现这一点,例如:
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = :year or 0 = :year");
$stmt->bind_param("year", $year);
ShyForNow 有一个很好的答案。我还建议验证进入 SQL:
的输入$year = sprintf("%d", $year); -- or even throw exception if $year is not numeric
if ($year > 0) -- or could also write if ($year >= $minAcceptableYear and $year <= $maxAcceptableYear)
{
$stmt = $mysqli->prepare("SELECT * FROM performances WHERE year = ?");
$stmt->bind_param("i", $year);
}
else
{
$stmt = $mysqli->prepare("SELECT * FROM performances");
}