php - How to apply bindValue method in LIMIT clause? -

-

Here is a snapshot of my code: 

  $ fetchPictures = $ PDO-> ; Prepare ("Choose From Photos * Album Where: ALCID Order By ADC Limit: Skip, Max:"); $ False Image- & gt; Bind Value (': Album Id', $ _GET ['Album'], PDO :: Paramax); If (isset ($ _GET ['skip'])) {$ fetchPictures-> BindValue (': skip', trim ($ _GET ['skip']), PDO: Paramatti); } And {$ fetchPictures-> Byte value (': Skip', 0, PDO :: Paramatti); } $ Fetch Image-> Bind value (': max', $ max, pdo: parametti); Fetch $-> Ficture-> Execute () or die (print_r ($ fetch-pictures-> ErrorInfo ())); $ Picture = $ Fetch - Image-> Fetch All (PDO :: FETCH_ASSOC);

I get

There is an error in your SQL syntax; It seems that the PDO is adding single quote to my variable, which is manual for the right syntax to use near "15", "Line 1", which matches your MySQL server version is. I saw a limited portion of the SQL code, I found this bug that I think is related:

Am I watching? This bug has been opened since April 2008! What should we do in the meantime?

I need to make some page-digits, and it is necessary to ensure that data is clean, SQL injection-safe before sending SQL statement.

I remember this problem before casting a value in an integer before passing it to the function. . I think it solves it. 

  $ fetchPictures-> gt; BindValue (': skip', (int) trim ($ _GET ['skip']), PDO :: PARAM_INT;

Comments

Post a Comment

Popular posts from this blog

java - org.apache.http.ProtocolException: Target host is not specified -

-
I have written a simple httprequest / response code and I am getting this error below: I used to type in my classpath httpclient, httpcore, common -Codecs and general logging. I am very new to Java and I do not know what's going on here. Please help me. code: import org.apache.http.client.HttpClient; Import org.apache.http.client.methods.HttpGet; Import org.apache.http.HttpResponse; Import org.apache.http.impl.client.HttpClientBuilder; Import org.apache.http.Header; Import org.apache.http.HttpHeaders; Public class UnshorteningUrl {public static zero main (string [] args throws exception {HttpGet request = zero; HTTP Client Client = HTTP ClientBuilder.credit (). Build (); Try {Request = New HTTP Gate ("trib.me/1lBFzSi"); HttpResponse httpResponse = client.execute (request); Header [] header = httpResponse.getHeaders (HttpHeaders.LOCATION); // Preconditions.checkState (headers.length == 1); String new url = header [0] .getValue (); System.out.println ("new url...
Read more

c# - Create dynamic LINQ query expression at runtime which translates into a parameterized SQL query for nullable types -

-
This question is related to my I want to make my custom expression for IQueryable in a nutshell. To achieve this goal, I wrote the next code. Public stable IQueryable & lt; T & gt; Filter Aquales & lt; T, TLL & gt; (This IQueryable & lt; T & gt; qSource, expression & lt; Func & lt; t; TLL; Field, TV value) {var fieldFilter = ExpressionClosureFactory.GetField (value); Var constraint = expression. Aqual (field. Body, field filter); Apply Return (qSource, Obstacle, Zone. Parameter); } Private Stable IQueryable & lt; T & gt; Apply & lt; T & gt; (IQueryable & lt; T & gt; qSource, Expression Barrier, ReadOnlyCollection & lt; Parameter Exposure & gt; Parameter) {var predicateFrom = Expression Lambda & lt; Func & lt; T, bool & gt; & Gt; (Hurdle, parameter); Return qSource.Where (predicateFrom); } Public Speaking Expression Clausfactree {Public Status Member Expert Gatefield & lt; TVLUE & gt; (TV va...
Read more

cmake - cpack generates RPMs with %files entries that conflict with the RPM spec. How to fix? -

-
Recently, I need to make sure that using our software by using cpack RHEL 7 and it can be packaged for free reconstruction (such as CentOS 7). Despite this, I have had a problem which was not present for RHEL 6.x and its free rebuilding: RPM, which has its % files cpack System entries such as the following are generated: % dir% attr (0755, root, root) "/"% dir% attr (0755, root, root) "/ usr"% Dir% attr (0755, root, root) "/ usr / bin"% dir% attr (0755, root, root) "/ usr / share"% dir% attr (0755, root, root) "/ usr / share / Applications "% dir% atr (0755, root, root)" / usr / share / doc "% dir% attr (0755, root, root)" / usr / share / icons "% di "/ Usr / share / icons / hicolor" / dir / hicolor "/ usr / users / share / icon / hicolor / scalable"% dir% attr (0755, root, root) Enter the% dir% plus (0755, root, root) "/ scalable / app" code which should not be declared by ...
Read more