[英]Querying database with php
I am trying to query my database using php, to then display the results of the query. 我试图使用php查询数据库,然后显示查询结果。 For this example, I only want the number of elements in my MySQL database.
对于此示例,我只想要MySQL数据库中的元素数。
My code is: 我的代码是:
<?php
print("This is just a test");
print("This is another test");
// Create connection
$con=mysqli_connect("mysql.netsons.com","****","****","****");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
print("A third test");
$result = mysqli_query($con, "SELECT COUNT(*) FROM MyGames");
echo $result;
echo mysqli_fetch_array($result);
print("A forth test");
mysqli_close($con);
?>
This is the result: 结果如下:
This is just a testThis is another testA third test
What am I doing wrong? 我究竟做错了什么?
mysql_fetch_array
fetches ... an array. mysql_fetch_array
获取...一个数组。
$row = mysqli_fetch_array($result);
echo $row["COUNT(*)"];
I think it would be better to alias that column too: 我认为也最好为该列起别名:
SELECT COUNT(*) AS count FROM MyGames
...
echo $row['count'];
I would recomend using a diferent method of querying that is much safer(As far as I know there is no SQL Injection to worry about) and it saves a lot of time and space. 我建议使用一种更安全的查询方法(据我所知,无需担心SQL注入),这样可以节省大量的时间和空间。
First you need to create an mysqli object 首先,您需要创建一个mysqli对象
$stateConnect = new mysqli("localhost", "root", "PASS", "DBTable");
This does the same thing as mysqli_connect
and mysqli_select_db
这样做与
mysqli_connect
和mysqli_select_db
相同
Then you want to define your SQL query 然后您要定义您的SQL查询
$sql = "SELECT `userVotes` FROM `users` WHERE `userEmail`=?";
Next you want to create a variable called a statement with your SQL "attached to it" 接下来,您要创建一个称为语句的变量,并在其中“附加” SQL
$statement = $stateConnect->prepare($sql);
Notice how in my SQL I didn't directly put the value required for userEmail, instead I put an '?'. 请注意,在我的SQL中,我没有直接输入userEmail所需的值,而是输入了“?”。 This acts as a variable that we will later define(However it will always be a '?'
它充当我们稍后定义的变量(但是始终为'?'
To define this variable we need to use. 要定义此变量,我们需要使用。
$statement->bind_param('s', $SESSION['email']);
This binds $SESSION['email']
to the first qustion mark, the s
is saying that the first question mark will be a string. 这会将
$SESSION['email']
绑定到第一个问号, s
表示第一个问号将是一个字符串。 Lets say we had to varribles: 可以说我们不得不变脆:
$sql = "SELECT `userVotes` FROM `users` WHERE `userEmail`=? AND `userName`=?";
We would then use: 然后,我们将使用:
$statement->bind_param('ss', $SESSION['email'], "USERNAME");
Each s replresents a question mark and each value after that represents a question mark. 每个s代表一个问号,此后的每个值代表一个问号。
Now we have to execute our query with. 现在我们必须执行查询。
$statement->execute();
If we are expecting a result to be returned then we have to use 如果我们期望返回结果,则必须使用
$statement->bind_result($userVotesText);
To bind the results to a variable, If I was expecting to columns of results I would need to put a second variable in. 要将结果绑定到变量,如果我希望将结果绑定到列,则需要放入第二个变量。
Now to set those varribles we need to use 现在设置这些变量,我们需要使用
if($statement->fetch()){
$userVotesResult = userVotesText;
}
This method is much better than other for querying databases and is called Prepared Statement 此方法比其他查询数据库要好得多,称为“ 预备语句”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.