PHP Prepared-Statement: binding variable parameters

时间:2016-07-11 20:41:03

标签: php database api mysqli prepared-statement

I have a problem with a varchar in my database that only displays 0 instead of the in the past written text. I have a URL that contains some parameters like nickname, points or the difficulty of the game.

localhost/api.php?nickname=test&points=5&difficulty=3

These parameters gets an api (see the code below) and write them into the database.

<?php
$nickname = $_GET['nickname'];
$points = $_GET['points'];
$difficulty = $_GET['difficulty'];

$mysqli = new mysqli("localhost", "games", "123", "tictactoe");

if ($mysqli->connect_errno) {
    die("Error");
}

/* Prepared statement, stage 1: prepare */
$sql ="insert into highscores (nickname, points, difficulty) values (?, ?, ?)";
if (!($stmt = $mysqli->prepare($sql))) {
    die("Error");
}

/* Prepared statement, stage 2: bind and execute */
if (!$stmt->bind_param("isi", $nickname, $points, $difficulty)) {
    die("Error");
}

if (!$stmt->execute()) {
    die("Error");
}
mysqli_close($mysqli);
?>

But my problem is: Why does all varchars in the database have the value 0 if the api bind the parameters with a String that is like "test" ?

id  nickname  points  difficulty
1      0        5         3
2      0        5         3
3      0        5         3
4      0        5         3
5      0        5         3
6      0        5         3
7      0        5         3

The database structure:

Column       Type         Null     Standard   Comments
id          int(11)       No         
nickname    varchar(20)   No             
points      int(11)       No         
difficulty  tinyint(4)    No

I hope you can understand my problem and can help me :)

2 个答案:

答案 0 :(得分:3)

Your binding is inverted.

$stmt->bind_param("isi", $nickname, $points, $difficulty)

says that $nickname and $difficulty are integers. Your DB has nickname as varchar though.

It should be:

$stmt->bind_param("sii", $nickname, $points, $difficulty)

You can see it documented here.

Character   Description
i           corresponding variable has type integer
d           corresponding variable has type double
s           corresponding variable has type string
b           corresponding variable is a blob and will be sent in packets

答案 1 :(得分:0)

The problem is in the bind_parm. You are using "i" which is for integer. You must use "s" which is what you need. 

i   corresponding variable has type integer
d   corresponding variable has type double
s   corresponding variable has type string
b   corresponding variable is a blob and will be sent in packets
相关问题
最新问题