razorsese Posted April 26, 2012 Share Posted April 26, 2012 I'm having a problem whit the pdo - sql statement: It dosen't return anything but when i try $sql = " SELECT en FROM word WHERE MATCH (sp) AGAINST (:word IN BOOLEAN MODE ) "; without the pdo it's working perfectly $sql = " SELECT en FROM word WHERE MATCH (:sp) AGAINST (:word IN BOOLEAN MODE ) "; $st = $con->prepare($sql); $st->bindValue(":word",$word,PDO::PARAM_STR); $st->bindValue(':sp','sp',PDO::PARAM_STR); $st->execute(); Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/ Share on other sites More sharing options...
Jessica Posted April 26, 2012 Share Posted April 26, 2012 what is the value of $word? Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340716 Share on other sites More sharing options...
razorsese Posted April 26, 2012 Author Share Posted April 26, 2012 Sorry for my late reply!! The $word value is a value entered by user I always use "honey" for test Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340762 Share on other sites More sharing options...
Jessica Posted April 26, 2012 Share Posted April 26, 2012 Are you sure that $word is actually being populated? If you echo it do you see a value? Does that value actually exist in the DB? Do you have error reporting turned on? Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340767 Share on other sites More sharing options...
razorsese Posted April 26, 2012 Author Share Posted April 26, 2012 Yes because when i remove the pdo from mysql statement it's working perfectly whit that value And my error report are on Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340771 Share on other sites More sharing options...
kicken Posted April 26, 2012 Share Posted April 26, 2012 You can't bind a column name, only values. What your running is a statement more like: SELECT en FROM word WHERE MATCH ('sp') AGAINST ('honey' IN BOOLEAN MODE ) Your matching the literal string value 'sp' against the word honey. Just put your column name in directly rather than bindValue a placeholder. $sql='SELECT en FROM word WHERE MATCH (sp) AGAINST (:word IN BOOLEAN MODE ) '; $st = $con->prepare($sql); $st->bindValue(":word",$word,PDO::PARAM_STR); $st->execute(); Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340805 Share on other sites More sharing options...
razorsese Posted April 26, 2012 Author Share Posted April 26, 2012 First thanks for answer And second isn't there any work around to put column names from a variable?! Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340810 Share on other sites More sharing options...
xyph Posted April 26, 2012 Share Posted April 26, 2012 You don't quote it in the query. $col = 'column'; $query = 'SELECT '.$col.' FROM table'; echo $query; If you want to specify a column name from user-data, you need to have very strict sanitization. Generic escape functions won't work. Link to comment https://forums.phpfreaks.com/topic/261646-php-pdo-sql-statement/#findComment-1340812 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.