PHP和mysqli：使用预准备语句选择多个条件

Question

我正在使用运行在 InnoDB 上的数据库的php文件中使用 mysqli 编写一些准备好的语句。大多数语句运行得很好，但是我有一个带有多个条件的select语句，它在select语句中返回一个语法错误，具体是：第1行附近? AND section_num = ? AND dept = ? AND semester = ? AND year = ?以及以下错误：< / p>

Call to a member function bind_param() on a non-object.

以下是代码片段：

if (!$rs = $mysqli->query("SELECT id FROM courses WHERE course_num = ? AND section_num = ? AND dept = ? AND semester = ? AND year = ?")) {
        echo "Select Query Failed!: (" . $mysqli->errno . ") ". $mysqli->error;
    }
    if(!$rs->bind_param("ssssi", mysqli_real_escape_string($mysqli,$course_num), mysqli_real_escape_string($mysqli,$section_num),
        mysqli_real_escape_string($mysqli,$dept), mysqli_real_escape_string($mysqli,$semester), mysqli_real_escape_string($mysqli,$year))) {
        echo "Select Binding parameters failed: (" . $rs->errno .") " . $rs->error;
    }
    if (!$rs->execute()) {
        echo "Execute select failed: (" . $rs->errno . ") " . $rs->error;
    }

关于如何形成此语句以基于4个输入检索id的任何建议都会很棒。谢谢！

Answer 1

您应该使用prepare来准备一个语句，而不是仅仅执行查询的query。

Answer 2

$query = "
SELECT id 
FROM courses 
WHERE 
course_num = ? AND section_num = ? AND dept = ? AND semester = ? AND year = ?
";
$rs = $mysqli->prepare($query);
$rs->bind_param("ssssi", $course_num, $section_num, $dept, $semester, $year);
$rs->execute();

Answer 3

更改：$mysqli->query("SELECT id ... 收件人：$mysqli->prepare("SELECT id ...

Answer 4

这很简单

$query = "SELECT * FROM `$table_tran` WHERE `$mem_id` ='$member_id' and                         $status` = '$cur_status'";
$result = mysqli_query($link,$query);

它使用and语句从事务表中获取数据。