1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can we re-use keys in prepared statements?

Discussion in 'XenForo Development Discussions' started by Jaxel, Nov 12, 2010.

  1. Jaxel

    Jaxel Well-Known Member

    Lets look at this code:
    public function getSearchResults($keywords)
    	$media = $this->_getDb()->fetchAll("
    		SELECT *,
    			MATCH(media_title) AGAINST(?) AS score_title,
    			MATCH(media_description) AGAINST(?) AS score_description,
    			MATCH(media_custom1) AGAINST(?) AS score_custom1,
    			MATCH(media_custom2) AGAINST(?) AS score_custom2,
    			MATCH(media_custom3) AGAINST(?) AS score_custom3,
    			MATCH(media_custom4) AGAINST(?) AS score_custom4,
    			MATCH(media_custom5) AGAINST(?) AS score_custom5
    			FROM EWRmedio_search
    		WHERE MATCH(media_title) AGAINST(?)
    			OR MATCH(media_description) AGAINST(?)
    			OR MATCH(media_custom1) AGAINST(?)
    			OR MATCH(media_custom2) AGAINST(?)
    			OR MATCH(media_custom3) AGAINST(?)
    			OR MATCH(media_custom4) AGAINST(?)
    			OR MATCH(media_custom5) AGAINST(?)
    	", array($keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords, $keywords));
    	return $media;
    notice the array of $keywords at the bottom... Something like that pisses me off...
    Rigel Kentaurus likes this.
  2. Rigel Kentaurus

    Rigel Kentaurus Well-Known Member

    I took this from the Zend documentation

          $sql = 'SELECT * FROM bugs WHERE ' .
                 'reported_by = :reporter AND bug_status = :status';
          $stmt = new Zend_Db_Statement_Mysqli($db, $sql);
          $stmt->execute(array(':reporter' => 'goofy', ':status' => 'FIXED'));
    This, translated to XenForo, try using :myParam instead of ?, and then in the array sending myParam => $keywords
    Although I have not tried this, I would expect it to work :)
    Darkimmortal likes this.
  3. Rigel Kentaurus

    Rigel Kentaurus Well-Known Member

    I tested this. Sadly, it does not work. This is because only PDO seems to support named parameters. MySqli does not.

Share This Page