我试图将一些代码从常规的mysqli select查询转换为更安全的mysqli预处理语句,但无论我在过去几个小时尝试过什么方法都不行,有什么我错过了这段代码?
function getProjectSites($selected){
global $db;
$result = $db->prepare("SELECT DISTINCT site_location, id FROM projects WHERE project_name_id = ? ORDER BY site_location");
$result->bind_param('s', $selected);
return $result->execute();
}
$stmt = getProjectSites($selected);
$stmt->store_result();
/* Get the result */
$res = $stmt->get_result();
while ($row = $res->fetch_assoc()) {
//no rows are output
答案 0 :(得分:0)
你可以尝试这个 - >
function getProjectSites($selected){
global $db;
$result = $db->prepare("SELECT DISTINCT site_location, id FROM projects WHERE project_name_id = ? ORDER BY site_location");
$result->bind_param('s', $selected);
return $result->execute();
}
$stmt = getProjectSites($selected);
$stmt->store_result();
// Fetch a record. Bind the result to a variable called 'value' and fetch.
$stmt->bind_result($value) ;
$res = $stmt->fetch() ;
if($res)
{
//This is just an example you do your code here
echo "data length is " . strlen($value);
}