问题
I found several threads on the Sphinx forum discussing this issue:
http://sphinxsearch.com/forum/view.html?id=5974
My function for creating a DB connection:
function createSphinxPdo()
{
try {
$options = [
\PDO::ATTR_EMULATE_PREPARES => true,
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION
];
$db = new \PDO("mysql:host=127.0.0.1;port=3308;charset=utf8mb4", null, null, $options);
} catch (\PDOException $e) {
throw $e;
}
return $db;
}
This works fine:
$sphinxDb = createSphinxPdo();
$stmt = $sphinxDb->prepare('
SELECT *, WEIGHT() AS w FROM my_index
WHERE MATCH(\'@column "word"/1\')
');
try {
$success = $stmt->execute();
} catch (\PDOException $e) {
throw $e;
}
$results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
echo '$results<pre>' . PHP_EOL;
print_r($results);
echo PHP_EOL . '</pre>';
No results returned:
$stmt = $sphinxDb->prepare('
SELECT *, WEIGHT() AS w FROM my_index
WHERE MATCH(\'@column ":word"/1\')
');
try {
$success = $stmt->execute([':word' => 'word']);
} catch (\PDOException $e) {
throw $e;
}
$results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
echo '$results<pre>' . PHP_EOL;
print_r($results);
echo PHP_EOL . '</pre>';
When I bind values to a prepared statement, no results are returned.
回答1:
Ah, you can't 'bind' in the middle of other strings. Because its expected that the prepared statements will take care of quoting.
You can do:
$stmt = $sphinxDb->prepare('
SELECT *, WEIGHT() AS w FROM my_index
WHERE MATCH(:query)
');
....
$success = $stmt->execute([':query' => '@column "word"/1']);
Ie the parameter should be the whole extended query.
To tie with your other question, you COULD use EscapeString directly on the value of the array, eg
$success = $stmt->execute([':query' => EscapeString($query)]);
if don't want to allow any of the extended query syntax. EscapeString will take care of the query syntax, pdo/mysql-client will take care of the SphixnQL quoting.
来源:https://stackoverflow.com/questions/29212746/sphinxql-doesnt-work-with-prepared-statements