问题
I have a string of ids like 1,2,3,4,5 and I want to be able to list all rows in mysql where the ID is contained in that list.
I assumed the easiest way would be to turn the string into an array and then match in ($array) but it doesn't work for me - no errors etc but it returns no rows:
$string="1,2,3,4,5";
$array=array_map('intval', explode(',', $string));
$query=mysqli_query($conn, "SELECT name FROM users WHERE id IN ('".$array."')");
If I do a var_dump of $array I get:
array(5) {
[0]=> int(1)
[1]=> int(2)
[2]=> int(3)
[3]=> int(4)
[4]=> int(5)
}
Any idea where I am screwing up?
回答1:
$string="1,2,3,4,5";
$array=array_map('intval', explode(',', $string));
$array = implode("','",$array);
$query=mysqli_query($conn, "SELECT name FROM users WHERE id IN ('".$array."')");
回答2:
Your query translates to:
SELECT name FROM users WHERE id IN ('Array');
Or something to that affect.
Try using prepared queries instead, something like:
$numbers = explode(',', $string);
$prepare = array_map(function(){ return '?'; }, $numbers);
$statement = mysqli_prepare($link , "SELECT name FROM users WHERE id IN ('".implode(',', $prepare)."')");
if($statement) {
$ints = array_map(function(){ return 'i'; }, $numbers);
call_user_func_array("mysqli_stmt_bind_param", array_merge(
array($statement, implode('', $ints)), $numbers
));
$results = mysqli_stmt_execute($statement);
// do something with results
// ...
}
回答3:
Change
$array=array_map('intval', explode(',', $string));
To:
$array= implode(',', array_map('intval', explode(',', $string)));
array_map returns an array, not a string. You need to convert the array to a comma separated string in order to use in the WHERE clause.
来源:https://stackoverflow.com/questions/20203063/mysql-where-id-is-in-array