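PHP select query with where parameter error

Time: 2017-11-26 11:24:09

Tags: php mysql select where

I have written a PHP script to retrieve data for a specific username from MySQL. The username is passed in the select query, and I am using Postman to check the PHP script. Following is my PHP code: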

    <?php
    //getting the database connection
    require_once 'MyDbConnect.php';

    //an array to display response
    $response = array();

    //if it is an api call
    //that means a get parameter named api call is set in the URL
    //and with this parameter we are concluding that it is an api call
    if(isset($_GET['apicall'])){

        switch($_GET['apicall']){
            case 'getSpecificData':
                if(isTheseParametersAvailable(array('your_username'))){
                    //getting values
                    $your_username = $_POST['your_username'];

                    $heroes = array();
                    $sql = "SELECT your_username,your_mobile,referral_name,referral_contact,referral_email,
                    loan_type,loan_amount  FROM mytable WHERE your_username = ? ";
                    $sql->bind_param("s",$your_username);

                    $stmt->execute();
                    $stmt->bind_result($your_username, $your_mobile,$referral_name,$referral_contact,
                    $referral_email,$loan_type,$loan_amount);

                    //looping through all the records
                    while($stmt->fetch()){
                        $temp = [
                            'your_username'=>$your_username,
                            'your_mobile'=>$your_mobile,
                            'referral_name'=>$referral_name,
                            'referral_contact'=>$referral_contact,
                            'referral_email'=>$referral_email,
                            'loan_type'=>$loan_type,
                            'loan_amount'=>$loan_amount
                        ];

                        //pushing the array inside the hero array
                        array_push($heroes, $temp);

                    }
                    echo json_encode($heroes);
                }
                break;

            default:
                $response['error'] = true;
                $response['message'] = 'Invalid Operation Called';
        }
    }
    else{
        //if it is not api call
        //pushing appropriate values to response array
        $response['error'] = true;
        $response['message'] = 'Invalid API Call';
    }

    function isTheseParametersAvailable($params){

        //traversing through all the parameters
        foreach($params as $param){
            //if the parameter is not available
            if(!isset($_POST[$param])){
                //return false
                return false;
            }
        }
        //return true if every param is available
        return true;
    }
    ?>

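The problem is in the select query. When I write the select query mentioned above in my PHP code, I get nothing. But if I write the select query as follows, I get the appropriate data:

    $sql = "SELECT your_username,your_mobile,referral_name,referral_contact,referral_email, loan_type,loan_amount FROM mytable WHERE your_username = 'Rohan' ";

Can someone explain the reason for the error? Any help would be appreciated.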

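1 answer:

Answer 0: (score: 0)

You missed the binding of the variable:

    //  $stmt->bind_param("ss",$your_username);

is already in your code. Change it to:

    $stmt->bind_param("s",$your_username);

The "s" means that the variable is a string, and the bind "replaces" the "?" in the query.

EDIT: Instead, use this code snippet ;)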

    $your_username = $_POST['your_username'];

    //creating the query
    $stmt = $conn->prepare("SELECT id,your_username,your_mobile,referral_name,referral_contact,referral_email,
    loan_type,loan_amount FROM mytable WHERE your_username = ? ");
    $stmt->bind_param("s",$your_username);
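
The full prepare, bind, execute and fetch sequence discussed above, as an added example that is not part of the original question or answer. It assumes `MyDbConnect.php` provides a mysqli connection in `$conn` (the name used in the answer's snippet); the function name `fetchLoansByUsername` is hypothetical.

```php
<?php
// Added example. Assumes MyDbConnect.php defines a mysqli connection in $conn.
require_once 'MyDbConnect.php';

// Make failed prepare()/execute() calls throw instead of returning false,
// so a broken query cannot end in a silent, empty response.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: returns all rows for one username.
function fetchLoansByUsername(mysqli $conn, string $username): array
{
    // The SQL text is fixed; the user-supplied value is sent separately as a
    // bound parameter and is never concatenated into the statement.
    $stmt = $conn->prepare(
        'SELECT your_username, your_mobile, referral_name, referral_contact,
                referral_email, loan_type, loan_amount
           FROM mytable
          WHERE your_username = ?'
    );
    $stmt->bind_param('s', $username); // one type letter per "?" placeholder
    $stmt->execute();
    // bind_result() needs exactly one variable per selected column (seven here).
    $stmt->bind_result($user, $mobile, $refName, $refContact, $refEmail, $loanType, $loanAmount);

    $rows = [];
    while ($stmt->fetch()) {
        $rows[] = [
            'your_username' => $user, 'your_mobile' => $mobile,
            'referral_name' => $refName, 'referral_contact' => $refContact,
            'referral_email' => $refEmail, 'loan_type' => $loanType,
            'loan_amount' => $loanAmount,
        ];
    }
    $stmt->close();
    return $rows;
}

header('Content-Type: application/json');
try {
    if (!isset($_POST['your_username']) || !is_string($_POST['your_username'])) {
        http_response_code(400);
        echo json_encode(['error' => true, 'message' => 'your_username is required']);
        exit;
    }
    echo json_encode(fetchLoansByUsername($conn, $_POST['your_username']));
} catch (Throwable $e) {
    // Log details server-side; return only a generic message to the client.
    error_log($e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => true, 'message' => 'Query failed']);
}
```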