所以我们有一张桌子,上面有我们所有的球员和每个球队的桌子。首先,我获得玩家在该团队中玩的ID,然后我使用所述ID以获得与该玩家相关的所有信息。 一位朋友现在告诉我,我可以通过使用预准备语句来减少服务器响应时间。但它不起作用!这是错误消息“致命错误:在第63行”地址“中的非对象上调用成员函数fetch_assoc()”
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn->prepare("SELECT Vorname, Nachname, Bild FROM Spieler WHERE Id IN (?)");
$stmt->bind_param("i", $SpielerId);
$sql1 = "SELECT Id, SpielerId FROM 2Herren";
$list = $conn->query($sql1);
if ($list->num_rows > 0) {
while ($rowlist = $list->fetch_assoc()) {
$SpielerId = $rowlist["SpielerId"];
// $sql2 = "SELECT Vorname, Nachname, Bild FROM Spieler WHERE Id IN ($SpielerId)";
// $result = $conn->query($sql2);
$result = $stmt->execute();
while ($data = $result->fetch_assoc()) { //Line 63
echo "<tr><td>" . $rowlist["Id"] . "</td><td>" . $data["Vorname"] . " " . $data["Nachname"] ."</td><td><img style='max-width: 100px; max-heigth: 100px;' src='" . $data["Bild"] . "'></td></tr>";
}
}
}
这段代码出了什么问题?
答案 0 :(得分:3)
您正在添加此内容,但这不适用于预准备语句。
$sql1 = "SELECT Id, SpielerId FROM 2Herren";
$list = $conn->query($sql1);
您还必须执行并运行获取结果:
//Execute prepared statment
$stmt->execute();
//Get result as assoc_array
$result = $stmt->get_result();
应该是这样的:
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn->prepare("SELECT Id, Vorname, Nachname, Bild FROM Spieler WHERE Id = ?");
$stmt->bind_param("i", $SpielerId);
//Execute prepared statment
$stmt->execute();
//Get result as assoc_array
$result = $stmt->get_result();
//Loop through every entry
while ($rowlist = $result->fetch_assoc()) {
var_dump($rowlist);
}
准备好的陈述也不会更快。它们更安全,并最大限度地降低了SQL注入的风险
答案 1 :(得分:0)
预准备语句的execute函数不会返回与查询关联的结果,而是返回布尔值,以确定查询是否已执行。调用$stmt->get_result()
$stmt->execute()获得结果