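Prepared statement not working with SELECT statement

Time: 2017-09-16 13:52:28

Tags: php mysql prepared-statement

When I use a SQL SELECT statement with a prepared statement, the code works fine and displays the content when I run it on localhost on my computer using WAMP server.

But when I upload this code to my web hosting, no results are shown and no errors are shown either. The code without prepared statements, however, works fine on the web hosting and displays results. Here is my code, with and without prepared statements. Please tell me why this is happening?

Here is my code: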

<?php 

for($i=0;$i <$count; $i++){

    require('connection.php');
    $stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset ?");
    $stmt->bind_param('s', $id);
    $stmt->execute(); 
    $result = $stmt->get_result();                                          

    if($result->num_rows > 0) {
        while($row = $result-> fetch_assoc()){                          

        $pst_content = $row['content'];
        $author = $row['commentator'];

        if($i==0){

            echo '<div class="item active">';
            echo '      <blockquote>';
            echo '<div class="row">';
            echo '<div class="col-sm-12">';
            echo "      <p style='color:#a07936'>$pst_content</p>";
            echo "<small>$author</small>";
            echo '      </div>';
            echo '      </div>';
            echo '      </blockquote>';
            echo '      </div>';

        }else{

            echo '<div class="item">';
            echo '      <blockquote>';
            echo '<div class="row">';
            echo '<div class="col-sm-12">';
            echo "      <p style='color:#a07936'>$pst_content</p>";
            echo "<small>$author</small>";
            echo '      </div>';
            echo '      </div>';
            echo '      </blockquote>';
            echo '      </div>';                                    
        }

    }
    }
}         
?>

3 answers:

Answer 0 (score: 1)

Coding in the procedural style. Are your table columns as follows: commentator, content? Then,

<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");


/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

for($i=0;$i <$count; $i++){

    if ($stmt = mysqli_prepare($link, "SELECT commentator,content FROM comment WHERE status = 'Approved' limit 1 offset ?")) {

        /* bind parameters for markers */
        mysqli_stmt_bind_param($stmt, "s", $i);

        /* execute query */
        mysqli_stmt_execute($stmt);

        /* bind result variables */
        mysqli_stmt_bind_result($stmt,$cmnt,$cont);

        /* fetch value */
        mysqli_stmt_fetch($stmt);

        $pst_content = $cont;
        $author = $cmnt;

        if($i==0){

            echo '<div class="item active">';
            echo '      <blockquote>';
            echo '<div class="row">';
            echo '<div class="col-sm-12">';
            echo "      <p style='color:#a07936'>$pst_content</p>";
            echo "<small>$author</small>";
            echo '      </div>';
            echo '      </div>';
            echo '      </blockquote>';
            echo '      </div>';

        }else{

            echo '<div class="item">';
            echo '      <blockquote>';
            echo '<div class="row">';
            echo '<div class="col-sm-12">';
            echo "      <p style='color:#a07936'>$pst_content</p>";
            echo "<small>$author</small>";
            echo '      </div>';
            echo '      </div>';
            echo '      </blockquote>';
            echo '      </div>';                                    
        }       



        /* close statement */
        mysqli_stmt_close($stmt);
    }
}

/* close connection */
mysqli_close($link);
?>

Read this: http://php.net/manual/en/mysqli.prepare.php

Answer 1 (score: 0)

http://php.net/manual/en/pdostatement.bindparam.php

$stmt->bind_param('s', $id);

You are trying to bind $id to "s", but you are using ? in your query.

$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset ?");
$stmt->bind_param(1, $id);

Or better

$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset :id");
$stmt->bind_param(':id', $id);

Answer 2 (score: 0)

Since you are using bind_param() with a named parameter, you should name it in the query as well:

$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset :s");
$stmt->bind_param('s', $id);

Of course, the $id variable should be defined and hold a meaningful value for the offset clause.
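
An added example, not taken from any of the posts above: in mysqli the placeholders are positional `?` marks and the first argument of bind_param() is a string of type letters, so the LIMIT and OFFSET values are bound as integers. It reads rows with bind_result()/fetch(), which do not need the mysqlnd driver that get_result() depends on, and escapes the comment text before output. The credentials, the database name, and the function names fetch_approved_comments() and render_comment() are assumptions.

```php
<?php
// Added example; credentials and function names are assumptions.
// Make mysqli raise exceptions instead of returning false silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function fetch_approved_comments(mysqli $db, int $limit, int $offset): array
{
    // mysqli accepts only positional "?" markers; named ones (":id") are PDO syntax.
    $stmt = $db->prepare(
        "SELECT commentator, content FROM comment WHERE status = 'Approved' LIMIT ? OFFSET ?"
    );
    // First argument is the type string: one letter per marker, "i" = integer.
    $stmt->bind_param('ii', $limit, $offset);
    $stmt->execute();

    // bind_result()/fetch() are available on every mysqli build;
    // get_result() exists only when PHP uses the mysqlnd driver.
    $stmt->bind_result($author, $content);
    $rows = [];
    while ($stmt->fetch()) {
        $rows[] = ['author' => $author, 'content' => $content];
    }
    $stmt->close();
    return $rows;
}

function render_comment(array $row, bool $active): string
{
    // Escape stored comment text so it cannot inject markup into the page.
    $content = htmlspecialchars((string) $row['content'], ENT_QUOTES, 'UTF-8');
    $author  = htmlspecialchars((string) $row['author'], ENT_QUOTES, 'UTF-8');
    $class   = $active ? 'item active' : 'item';
    return "<div class=\"$class\"><blockquote><div class=\"row\"><div class=\"col-sm-12\">"
         . "<p style='color:#a07936'>$content</p><small>$author</small>"
         . "</div></div></blockquote></div>\n";
}

$db = new mysqli('localhost', 'my_user', 'my_password', 'my_db'); // placeholder credentials
$db->set_charset('utf8mb4');
foreach (fetch_approved_comments($db, 10, 0) as $i => $row) {
    echo render_comment($row, $i === 0); // first slide gets the "active" class
}
$db->close();
```

One query with LIMIT replaces the per-row loop of single-row queries used in the posts; that is a generalization beyond the original code.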