MySQLi准备了声明问题

时间:2018-03-25 11:21:50

标签: php select mysqli prepared-statement

我(试图)将我的查询从毫无准备的语句转移到MySQLi预备语句。 到目前为止我学到的东西应该是以下的模式:

$post_id = $mysqli->real_escape_string($_GET['id']);

$query_blog = 'SELECT * FROM blog WHERE id = ?';

$result_blog = $mysqli->prepare($query_blog);
$result_blog->bind_param('i', $post_id);
$result_blog->execute();
$result_blog->bind_result();
$result_blog->close();
$mysqli->close();

如果我回显$ post_id和$ query_blog我得到了正确的结果。但是当谈到bind_param时,它会被卡住。不知道出了什么问题。知道怎么运行吗?

总的来说,我的代码如下:

<?php

$post_id = $mysqli->real_escape_string($_GET['id']);

$query_blog = 'SELECT * FROM blog WHERE id = ?';

$result_blog = $mysqli->prepare($query_blog);
$result_blog->bind_param('i', $post_id);
$result_blog->execute();
$result_blog->bind_result();
$result_blog->close();
$mysqli->close();

if ($result_blog):
    if(mysqli_num_rows($result_blog)>0):
       while($blog_entry = mysqli_fetch_assoc($result_blog)):

         //Do something

        endwhile;
     endif;
endif;

非常感谢!

编辑: 如果我在准备好声明之后我得到了print_r:

mysqli_stmt Object ( [affected_rows] => 0 [insert_id] => 0 [num_rows] => 0 [param_count] => 1 [field_count] => 7 [errno] => 0 [error] => [error_list] => Array ( ) [sqlstate] => 00000 [id] => 1 )

如果我在bind_param之后print_r我得到的语句:

mysqli_stmt Object ( [affected_rows] => 0 [insert_id] => 0 [num_rows] => 0 [param_count] => 1 [field_count] => 7 [errno] => 0 [error] => [error_list] => Array ( ) [sqlstate] => 00000 [id] => 1 )

如果我在执行语句后执行print_r:

mysqli_stmt Object ( [affected_rows] => -1 [insert_id] => 0 [num_rows] => 0 [param_count] => 1 [field_count] => 7 [errno] => 0 [error] => [error_list] => Array ( ) [sqlstate] => 00000 [id] => 1 )

所以affected_rows更改为-1 这是否意味着找不到ID = 1的行,因为这肯定在我的数据库中。

EDIT2:

如果我添加以下语句,我会从查询中获取数据。

$result_blog->bind_result($id, $headline);
$result_blog->fetch();
print_r($headline);

但是我如何循环结果呢?

if ($result_blog):
        if(mysqli_num_rows($result_blog)>0):
           while($blog_entry = mysqli_fetch_assoc($result_blog)):

             //Do something

            endwhile;
         endif;
    endif;

这似乎不起作用: - /

1 个答案:

答案 0 :(得分:0)

准备好的语句的一个简单示例可能如下所示:

// Set query
$query = "SELECT field_1, field_2 FROM table WHERE field_3 = ?";

// prepare statement
$stmt = mysqli->prepare($query);

// bind param (marked with '?' in $query) and define type
// look [http://php.net/manual/de/mysqli-stmt.bind-param.php] for further information for this function
$stmt->bind_param('i', $foo);

// define variables which will contain content after fetching the result
$stmt->bind_result($field_1, $field_2);

// execute query and check if successful
if($stmt->execute() === false)
{
    // an error occurred, do something!
    // throw new Exception('error!');
}

// loop through results
while($stmt->fetch())
{
    // this part will be executed for every result
    // do something with $field_1 and $field_2
}

// release memory
$stmt->close();

您的代码可能如下所示:

$query = "SELECT id, headline FROM blog WHERE id = ?";
$stmt = mysqli->prepare($query);
// assuming that $_GET['id'] is an integer
$stmt->bind_param('i', $_GET['id']);
$stmt->bind_result($id, $headline);
if($stmt->execute() === false)
{
    // an error occurred, do something!
}
while($stmt->fetch())
{
    // do something with $id and $headline
}
$stmt->close();
相关问题
最新问题