是否可以有两个mysqli_queries如此?:
mysqli_query($dblink, "INSERT INTO images (project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name) VALUES ('$project_id', '$user_id', '$image_name', '$date_created', '$link_to_file', '$thumbnail', '$ImageName')") or die(mysql_error());
mysqli_query($dblink, "INSERT INTO images_history (project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name, day, month, year) VALUES ('$project_id', '$user_id', '$image_name', '$date_created', '$link_to_file', '$thumbnail', '$ImageName', '$day', '$month', '$year')") or die(mysql_error());
基本上我想更新数据库中的两个表。有更好的方法吗?
答案 0 :(得分:24)
可以使用mysqli_multi_query()。
示例:
<?php
$mysqli = new mysqli($host, $user, $password, $database);
// create string of queries separated by ;
$query = "INSERT INTO images (project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name) VALUES ('$project_id', '$user_id', '$image_name', '$date_created', '$link_to_file', '$thumbnail', '$ImageName');";
$query .= "INSERT INTO images_history (project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name, day, month, year) VALUES ('$project_id', '$user_id', '$image_name', '$date_created', '$link_to_file', '$thumbnail', '$ImageName', '$day', '$month', '$year');";
// execute query - $result is false if the first query failed
$result = mysqli_multi_query($mysqli, $query);
if ($result) {
do {
// grab the result of the next query
if (($result = mysqli_store_result($mysqli)) === false && mysqli_error($mysqli) != '') {
echo "Query failed: " . mysqli_error($mysqli);
}
} while (mysqli_more_results($mysqli) && mysqli_next_result($mysqli)); // while there are more results
} else {
echo "First query failed..." . mysqli_error($mysqli);
}
关键是,如果要在一次调用中执行多个查询,必须使用mysqli_multi_query。出于安全原因,mysqli_query将不会执行多个查询以防止SQL注入。
还要记住mysqli_store_result的行为。如果查询没有结果集(FALSE查询没有),则返回INSERT,因此您还必须检查mysqli_error以查看它返回一个空字符串,表示INSERT很成功。
请参阅:
mysqli_multi_query
mysqli_more_results
mysqli_next_result
mysqli_store_result
答案 1 :(得分:1)
一劳永逸!使用此函数可以在脚本中的任何位置获得无限数量的查询结果。
<强>功能:
您只需将多查询的输出传递给函数,它就会返回在每个查询中找到的所有结果和错误。
function loop_multi($result){
//use the global variable $conn in this function
global $conn;
//an array to store results and return at the end
$returned = array("result"=>array(),"error"=>array());
//if first query doesn't return errors
if ($result){
//store results of first query in the $returned array
$returned["result"][0] = mysqli_store_result($conn);
//set a variable to loop and assign following results to the $returned array properly
$count = 0;
// start doing and keep trying until the while condition below is not met
do {
//increase the loop count by one
$count++;
//go to the next result
mysqli_next_result($conn);
//get mysqli stored result for this query
$result = mysqli_store_result($conn);
//if this query in the loop doesn't return errors
if($result){
//store results of this query in the $returned array
$returned["result"][$count] = $result;
//if this query in the loop returns errors
}else{
//store errors of this query in the $returned array
$returned["error"][$count] = mysqli_error($conn);
}
}
// stop if this is false
while (mysqli_more_results($conn));
}else{
//if first query returns errors
$returned["error"][0] = mysqli_error($conn);
}
//return the $returned array
return $returned;
}
<强>用法:
$query = "INSERT INTO table1 (attribute1) VALUES ('value1');";
$query .= "INSERT INTO table2 (attribute2) VALUES ('value2');";
$query .= "SELECT * FROM table3;";
//execute query
$result = mysqli_multi_query($conn, $query);
//pass $result to the loop_multi function
$output = loop_multi($result);
<强>输出
$ output包括由查询排序的2个数组“result”和“error”。例如,如果您需要检查执行第三个查询时是否发生任何错误并获取其结果,您可以执行以下操作:
if(isset($output['error'][2]) && $output['error'][2] !== ""){
echo $output['error'][2];
}else{
while($row = $output['result'][2]->fetch_assoc()) {
print_r($row);
}
}
答案 2 :(得分:1)
关于Stack Overflow的一些答案是如此自相矛盾,以至于只是令人着迷。
关键是如果要在单个调用中执行多个查询,则必须使用mysqli_multi_query。 出于安全原因,mysqli_query不会执行多个查询以防止SQL注入。
它基本上说:“关键是您必须使用没有安全钩的枪支,因为常规武器不会让您用脚射击自己。所以这是分解它的方法,现在您一口气就能瘫痪自己!”
尽管OP引用了显式警告,但一次并没有询问如何在单个调用中运行两个查询的事实,这实际上是危险,答案无疑会提供绕过此限制的方法。
最糟糕的是,所有这些危险而繁琐的混乱都是徒劳的。仅仅是因为没有一个单一的原因要求在一个调用中运行多个查询。一个一个地运行查询就是要使用的数据库API 的方式。
基本上,我想更新数据库中的两个表。有更好的方法吗?
$stmt = $dblink->prepare("INSERT INTO images
(project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name)
VALUES (?,?,?,?,?,?,?)");
$stmt->bind_param("ssssss", $project_id, $user_id, $image_name, $date_created, $link_to_file, $thumbnail, $ImageName);
$stmt->execute();
$stmt = $dblink->prepare("INSERT INTO images_history
(project_id, user_id, image_name, date_created, link_to_file, link_to_thumbnail, given_name, day, month, year)
VALUES (?,?,?,?,?,?,?,?,?,?)");
$stmt->bind_param("ssssssssss", $project_id, $user_id, $image_name, $date_created, $link_to_file, $thumbnail, $ImageName, $day, $month, $year);
$stmt->execute();
它不仅更清洁,而且还 100%的SQL注入安全性。
如果您的查询之一失败,只需ask mysqli for the error message and then fix the error。