• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Can we re-use keys in prepared statements?

Jaxel

Well-known member
#1
Lets look at this code:
Code:
public function getSearchResults($keywords)
{
	$media = $this->_getDb()->fetchAll("
		SELECT *,
			MATCH(media_title) AGAINST(?) AS score_title,
			MATCH(media_description) AGAINST(?) AS score_description,
			MATCH(media_custom1) AGAINST(?) AS score_custom1,
			MATCH(media_custom2) AGAINST(?) AS score_custom2,
			MATCH(media_custom3) AGAINST(?) AS score_custom3,
			MATCH(media_custom4) AGAINST(?) AS score_custom4,
			MATCH(media_custom5) AGAINST(?) AS score_custom5
			FROM EWRmedio_search
		WHERE MATCH(media_title) AGAINST(?)
			OR MATCH(media_description) AGAINST(?)
			OR MATCH(media_custom1) AGAINST(?)
			OR MATCH(media_custom2) AGAINST(?)
			OR MATCH(media_custom3) AGAINST(?)
			OR MATCH(media_custom4) AGAINST(?)
			OR MATCH(media_custom5) AGAINST(?)
	", array($keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords));

	return $media;
}
notice the array of $keywords at the bottom... Something like that pisses me off...
 

Rigel Kentaurus

Well-known member
#2
I took this from the Zend documentation
(http://framework.zend.com/manual/en/zend.db.statement.html)

Code:
      $sql = 'SELECT * FROM bugs WHERE ' .
             'reported_by = :reporter AND bug_status = :status';
      $stmt = new Zend_Db_Statement_Mysqli($db, $sql);
      $stmt->execute(array(':reporter' => 'goofy', ':status' => 'FIXED'));
This, translated to XenForo, try using :myParam instead of ?, and then in the array sending myParam => $keywords
Although I have not tried this, I would expect it to work :)
 

Rigel Kentaurus

Well-known member
#3
I took this from the Zend documentation
(http://framework.zend.com/manual/en/zend.db.statement.html)

Code:
      $sql = 'SELECT * FROM bugs WHERE ' .
             'reported_by = :reporter AND bug_status = :status';
      $stmt = new Zend_Db_Statement_Mysqli($db, $sql);
      $stmt->execute(array(':reporter' => 'goofy', ':status' => 'FIXED'));
This, translated to XenForo, try using :myParam instead of ?, and then in the array sending myParam => $keywords
Although I have not tried this, I would expect it to work :)
I tested this. Sadly, it does not work. This is because only PDO seems to support named parameters. MySqli does not.