我正在尝试将一个小文件从mysql转换为mysqli。这是我到目前为止所处的地方,但它不起作用。有人可以检查它,看看它有什么问题吗?
$mysqli = new mysqli("localhost", "some_name", "password", "some_db");
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
session_start();
if(isset($_SESSION['userid'])){
$user = mysqli_real_escape_string($mysqli, $_SESSION['userid']);
// Retrieves variables through AJAX
$favid = mysqli_real_escape_string($mysqli, $_GET['favid']);
// Check if it is favored
$query = $mysqli->prepare("SELECT * FROM favorites WHERE user='$user'");
$query->execute();
$query->store_result();
$userows = $query->num_rows;
$query = $mysqli->prepare("SELECT * FROM favorites WHERE user='$user' AND favid='$favid'");
$query->execute();
$query->store_result();
$matches = $query->num_rows;
// If it is favored, add
if($matches == 0 && $userows < 30){
$mysqli->prepare("INSERT INTO favorites (user, favid, exptime) VALUES ('$user', '$favid', CURRENT_TIMESTAMP)");
echo "";
}
// If it is favored, delete
if($matches != 0){
$mysqli->prepare("DELETE FROM favorites WHERE user='$user' AND favid='$favid'");
echo "";
}
} else {
echo "Invalid session!";
}
原始(mysql)代码工作正常。这只是我对mysqli没有足够的经验。
答案 0 :(得分:0)
查看DOC
$stmt = $mysqli->prepare("INSERT INTO favorites (user, favid, exptime) VALUES (?, ?, CURRENT_TIMESTAMP)");
$stmt->bind_params('ss', $user, $favid);
$stmt->execute();
同样适用于DELETE声明。您尝试使用准备好的语句(这很好!)。因此,您应该按照它们的方式使用它们,并将params绑定到占位符,而不是将它们直接插入查询字符串。