我正在尝试参数化我的查询,下面的第一组代码就是我所拥有的,第二组代码就是我一直在尝试的。似乎无法让参数化的工作变得有效,你看到了什么,或者你能指出我错过的任何错误吗?感谢。
同样仅供参考,在contacttype中,目前约有5个结果:
ORIGINAL:
<?php
require("../config.php");
$sql = "SELECT * FROM contacts WHERE contacttype IN ('Buyer','Seller','Buyer / Seller','Investor') ORDER BY date DESC";
$result = mysqli_query($mysqli,$sql) or die ("Error: ".mysqli_error($mysqli));
while ($row = mysqli_fetch_array($result)) {
$contacttype = $row['contacttype'];
echo ''.$contacttype.'';
}
?>
参数化:
<?php
require("../config.php");
$contacttype=$row['contacttype'];
$stmt = $mysqli->prepare("SELECT * FROM contacts WHERE contacttype = ? ORDER BY date DESC");
$stmt ->bind_param("s", $contacttype);
$stmt ->execute();
$result = $mysqli->query($stmt) {
while ($row = $result->fetch_row()) {
echo $contacttype;
}
mysqli_free_result($result);
}
mysqli_close($mysqli);
?>
错误:解析错误:语法错误,意外T_WHILE
答案 0 :(得分:1)
那是因为您的PHP代码无效。
$result = $mysqli->query($stmt) {
应该是
$result = $mysqli->query($stmt);