i have post variable called $_post['excludeids'] following value:
1,2,3,4,5,6,7,8,9 i want pass sql query through not in use following query:
$sth = $dbh->prepare("select * books id not in (:excludeids)"); $sth->bindvalue(':excludeids', $_post['excludeids']); $sth->execute(); binding variable doesn't work in context don't know why. what's wrong above query?
it doesn't work in way because in() clause expects collection of values, not comma separated string, providing attempting bind them single argument.
in order make work need bind each element in collection individually:
// split ids array $ids = preg_split('/\s*,\s*/', $_post['excludeids'], -1, preg_split_no_empty); // create array of ? characters same length number of ids , join // commas, can used in query string $placeholders = implode(', ', array_fill(0, count($ids), '?')); // prepare statement $sth = $dbh->prepare("select * books id not in ($placeholders)"); // iterate ids , bind them // remember ? placeholders 1-indexed! foreach ($ids $index => $value) { $sth->bindvalue($index + 1, $value, pdo::param_int); } // should work $sth->execute(); 
Comments
Post a Comment