php - mySqli 绑定(bind)参数 LIKE 与通配符

Question

我在将带有通配符的 LIKE 绑定(bind)到我在 MySQLi 中准备好的语句时遇到问题。我尝试了以下两种方法，如下所示 & concat。(使用@fancyPants 输入更新)

• 绑定(bind)后有没有办法查看自己的SQL语句？

• 如何正确绑定(bind)它以获得我想要的结果？

它在没有 LIKE 语句的情况下工作。

我只能从使用特定搜索词中提取数据。我的代码有什么问题吗？

$str = $_POST["searchstr"];


    if(isset($_POST['submit']))
    {
        $price=$_POST['price'];


        if(!empty($_POST['chkbx']))
        {
            foreach($_POST['chkbx'] as $selected)
            {


                $sql= 'SELECT bookTitle, bookPrice FROM nbc_book WHERE catID LIKE "%'.$selected.'%" AND bookTitle LIKE "%'.$str.'%" AND bookPrice < ?';
                $stmt=mysqli_prepare($con,$sql);
                mysqli_stmt_bind_param($stmt,"i",$price);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_bind_result($stmt, $bookTitle, $bookPrice); 
                while ($stmt->fetch()) {
                     echo $bookTitle.$bookPrice."<br>";
                }
            }
        }
    }

Answer 1

$searchStr =  'oracle';
$sql= 'SELECT bookTitle, bookPrice FROM nbc_book WHERE catID LIKE ? AND bookTitle LIKE "%'.$searchStr.'%" AND bookPrice < ?';
$stmt=mysqli_prepare($con,$sql);
mysqli_stmt_bind_param($stmt,"ssi",$selected,$price);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $bookTitle, $bookPrice); 
while ($stmt->fetch()) {
    echo $bookTitle;
}