好吧,我有一个问题,我需要将产品 id 数组传递到下面的 sql 语句
$index = 0;
$products = $cart->get_products();
for ($i=0, $n=sizeof($products); $i<$n; $i++) {
$prod = $products[$index]['id'];
if (strpos($prod,"{")){
$product = preg_split("^[{}]^",$prod);
}else{
$product = $prod;
}
}
$product_query = tep_db_query("select cb.products_id, SUM(cb.customers_basket_quantity),SUM(p.products_rate) from " . TABLE_PRODUCTS . " p INNER JOIN " . TABLE_CUSTOMERS_BASKET . " cb ON p.products_id = cb.products_id
WHERE cb.customers_id ='" . $customer_id ."'
AND p.products_id IN '".$product ."'
");
结果总是
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Array'' at line 3
从产品 p 中选择 cb.products_id、SUM(cb.customers_basket_quantity)、SUM(p.products_rate) p INNER JOINcustomers_basket cb ON p.products_id = cb.products_id WHERE cb.customers_id ='3' AND p.products_id IN '数组'
最佳答案
(如果您自己创建 SQL,请务必小心插入 SQL 的内容(而不是 PDO 参数等)!)
确保 $product 是一个数组:
$product = (array)$product;
然后转义它的值:
$product = array_map('your_db_escape_function', $product);
然后将其字符串化:
$product = "'" . implode("', '", $product) . "'";
然后将其添加到查询中:
"... p.products_id IN (" . $product . ")"
代码编辑后,我认为这就是您想要的:
$products = $cart->get_products();
$productIds = array_map(function($product) {
return (int)$product['id'];
}, $products);
$productIds = implode(', ', $productIds);
$query = tep_db_query("
select cb.products_id, SUM(cb.customers_basket_quantity),SUM(p.products_rate)
from " . TABLE_PRODUCTS . " p
INNER JOIN " . TABLE_CUSTOMERS_BASKET . " cb ON p.products_id = cb.products_id
WHERE cb.customers_id ='" . $customer_id ."'
AND p.products_id IN (" . $productIds . ")
");
关于php - 如何将数组传递给 mysql 语句,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/15178488/