Update using PDO statement

前端 未结 2 1584
我寻月下人不归
我寻月下人不归 2021-01-26 19:40

I am still getting my head around a PDO statement but the code below does not do what I assumed it would

  $temp = \"6c \";    
  $weather_report = \"Its curren         


        
相关标签:
2条回答
  • 2021-01-26 20:04

    Although Bill has already answered the question, I'd like to add:

    Do not use named parameters with TEXT columns, at least not with MySQL. It won't work. Use question marks instead.

    0 讨论(0)
  • 2021-01-26 20:21

    Please use query parameters instead of interpolating variables into SQL strings.
    It's safer, faster, and easier.

    $temp = "6c ";    
    $weather_report = "It's currently $temp " ; 
    
    $sql = "UPDATE data_weather SET text= ? WHERE period='report'";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array($weather_report));
    

    Note that you don't need to quote the string. In fact, you must not put quotes around the ? placeholder. You can use apostrophes inside your weather report string safely.

    You can use a parameter placeholder any place you would normally put a single scalar value in an SQL expression. E.g. in place of a quoted string, quoted date, or numeric literal. But not for table names or column names, or for lists of values, or SQL keywords.

    0 讨论(0)
提交回复
热议问题