使用mysqli :: bind_result()从列中提取数据
[英]Extracting data from a column using mysqli::bind_result()
问题描述
My query returns with null in my php code , but when I enter the same query into phpmyadmin it returns the row to which it belongs. 
我的查询在我的php代码中返回null,但是当我在phpmyadmin中输入相同的查询时,它返回它所属的行。 Here is the database I am using 这是我正在使用的数据库
CREATE TABLE `payment`.`users`(
`u_id` int(12) NOT NULL AUTO_INCREMENT,
`email` varchar(255) NOT NULL,
`passwd` varchar(100) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY (`email`)
) ENGINE=MyISAM;
and here is the code i am using that is returning null when it clearly works in phpmyadmin. 这是我正在使用的代码,当它在phpmyadmin中可以正常工作时返回null。
function getUserId($email, $passwd) {
$mysqli = db_connect();
$query = "SELECT `u_id` FROM `payment`.`users` WHERE `email`='$email' AND `passwd`='$passwd' ORDER BY 1";
if ($stmt = $mysqli->prepare($query)) {
/* execute query */
$stmt->execute();
$stmt->bind_result($u_id);
while ($stmt->fetch()) {
return $u_id;
}
}
} }
1 个解决方案
解决方案1
-1 2014-05-02 00:55:18
The thing is that you are using variables in your php code to set the values. 问题是您在php代码中使用变量来设置值。 In phpMyAdmin you're inserting values directly, therefore the problem may be in the values inserted. 在phpMyAdmin中,您直接插入值,因此问题可能出在插入的值中。
First of all use PDO 's bindParam() or mysqli 's bind_param() statements as they sanitize inputs and help you avoid SQL Injections . 首先,使用PDO的bindParam()或mysqli的bind_param()语句来清理输入并帮助您避免SQL注入 。 Second good thing about using prepared statements and binding params is that you can specify the type of the data being binded to to the query which in most cases will fix such problems. 使用准备好的语句和绑定参数的第二个好处是,您可以指定要绑定到查询的数据的类型,这在大多数情况下可以解决此类问题。 Though in your case you're probably inserting strings. 虽然您可能正在插入字符串。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.