将PHP变量传递给oci_parse中的sql查询
问题描述:
I am passing a PHP varibale into a oracle sql query. but its not taking it properly giving me ORA errors like - invalid character. I tried escaping the varibale as \'$sid\', this makes error go, but the query doesnt return anything. Is there a way to pass PHP variable to oracle query
if(isset($_POST['action']))
{
$sid = $_POST['action'];
$stid = oci_parse($conn, 'SELECT emp from table emp='$sid'');
oci_execute($stid);
}
I have removed to the database connection part for brevity.
我将PHP varibale传递给oracle sql查询。 但它没有正确地给我ORA错误,如 - 无效的字符。 我尝试将varibale转义为\'$ sid \',这会导致错误,但查询不会返回任何内容。 有没有办法将PHP变量传递给oracle查询 p>
if(isset($ _ POST ['action']))
{
$ sid = $ _POST ['action'];
$ stid = oci_parse($ conn,'SELECT emp from table emp ='$ sid '');
oci_execute($ stid);
}
code> pre>
为简洁起见,我已移至数据库连接部分。 p>
div>
答
'SELECT emp from table emp=\'$sid\'' is a string that you pass exactly as it is to Oracle, this is why it doesn't work.
You need to use oci_bind_by_name to bind a placeholder to a PHP variable.
Example:
$variable = 42;
$stid = oci_parse($conn, 'SELECT col_name FROM tbl_name WHERE col_name > :num;');
oci_bind_by_name($stid, ":num", $variable);
oci_execute($stid);