Why bindValue breaks my query?

Asked Jun 01 '13 at 10:20

Active Mar 12 '15 at 18:07

Viewed 51 times

In below code, I'm trying to bind tags (which is taken from user) to my sql query.

I'll put them to query like this format: "tag1","tag2","tag3"

$tagsinput = trim($_GET["q"]);
$exploded_q = explode(",", trim($_GET["q"])); //seperate with comma, remove whitespace
$combined_tags = "\"" . implode("\",\"",$exploded_q) . "\""; //after this tags will be "tag1","tag2"...

$comb_leng = count($exploded_q);

$stmt = $db->prepare("SELECT * FROM posts a JOIN (SELECT p.id FROM tags_posts tp JOIN posts p ON tp.id_post = p.id JOIN tags t ON tp.id_tag = t.id WHERE t.name IN (:tags) GROUP BY p.id HAVING COUNT(DISTINCT t.id) = :howmany ) q ON a.id = q.id");
$stmt->bindValue(":tags", $combined_tags, PDO::PARAM_STR);
$stmt->bindValue(":howmany", count($exploded_q), PDO::PARAM_STR);
$stmt->execute();
$post_result=$stmt->fetchAll();

If I execute this without bindValue my query, it works as I expected. But if I bind them with bindValue(), code doesn't works. Sql returns empty result.

edited Mar 12 '15 at 18:07

Adrian Cid Almaguer

7,815
13
41
63

asked Jun 01 '13 at 10:20

alayli

1

[How can I create a prepared statement for IN () operator?](http://stackoverflow.com/questions/15990857/reference-frequently-asked-questions-about-pdo#15991146) – Your Common Sense Jun 01 '13 at 10:55
count() ain't a string for starts – david strachan Jun 01 '13 at 11:21

Why bindValue breaks my query?

0 Answers0