如何在bind_param上使用implode?
[英]How can I use implode on bind_param?
问题描述
So I have a create account method and within that an associative array called userInfo . 
因此,我有一个create account方法,并且在其中有一个名为userInfo的关联数组。 This is the array: 这是数组:
$userInfo = array(
'username' => $username,
'salt' => $this->passwordHash('Extra Protection is a good thing'),
'password' => $this->passwordHash($password)
);
Now I am "Trying" to use implode with the prepared statement. 现在,我正在“尝试”在准备好的语句中使用内爆。 I seem to be getting a No data supplied for parameters in prepared statement error when it attempts to bind the parameters. 当它试图绑定参数时,似乎No data supplied for parameters in prepared statement错误中No data supplied for parameters in prepared statement 。
Here is the statement: 这是声明:
if ( ! ($stmt = $this->Connection()->prepare("INSERT INTO " . $this->_info['Prefix'] . "users
(`".implode("`, `", array_keys($userInfo))."`) VALUES (?, ?, ?)")))
{
echo 'Prepare Failed: ' . $stmt->error . '<br />';
}
if ( ! $stmt->bind_param('sss', implode("', '", $userInfo)))
{
echo 'Bind Failed: ' . $stmt->error . '<br />';
}
if ( ! $stmt->execute())
{
echo 'Execute Failed: ' . $stmt->error . '<br />';
}
I originally used real_escape_string and the query did execute correctly. 我最初使用real_escape_string ,并且查询正确执行。 It's just the prepared statement that it doesn't like. 这只是它不喜欢的准备好的陈述。
What is wrong with it? 怎么了
1 个解决方案
解决方案1
2 已采纳 2014-09-28 18:27:06
You don't properly understand prepared statements. 您没有正确理解准备好的语句。 Each inserted value would be prepared according to it's table field definintion. 每个插入的值将根据其表字段定义进行准备。 This is your query for example: 例如,这是您的查询:
INSERT
INTO users (`username`, `salt`, `password`)
VALUES ('john', 'somesalt', 'somepassword');
So value jonh will be prepared according to username field settings, somesalt - according to salt , etc. 因此,值jonh将根据username somesalt段设置, somesalt根据salt等进行准备。
So what are your errors here (i skip implode and etc): 那么您在这里的错误是什么(我跳过内implode等):
When you do: 当您这样做时:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?, ?, ?)");
$stmt->bind_param('sss', implode("', '", $userInfo))
it's wrong because query expects 3 string ( s ), each string will be prepared according to field settings, and you're giving only one. 这是错误的,因为查询预计3串( s ),每个字符串将根据现场设置的准备,而你只给一个。
When you change to this: 当您更改为此:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?)");
$stmt->bind_param('s', implode("', '", $userInfo))
it's wrong too, because here comes query error. 这也是错误的,因为这里出现查询错误。 You want to insert three fields but give value for one field only. 您只想插入三个字段,但只给一个字段赋值。
So what you really should do is: 因此,您真正应该做的是:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?, ?, ?)");
$stmt->bind_param('sss', $userInfo['username'], $userInfo['salt'], $userInfo['password']);
So, in the end it's impossible to use implode with bind_param in mysqli (I hope it's mysqli), and if you want to know hot to use bind_param with array of values - you should read this comment on php.net - http://ru2.php.net/manual/ru/mysqli-stmt.bind-param.php#104073 因此,最后,不可能在mysqli中将implode与bind_param一起使用(我希望它是mysqli),并且如果您想知道结合使用具有值数组的bind_param您应该在php.net上阅读此注释-http:// ru2.php.net/manual/ru/mysqli-stmt.bind-param.php#104073
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.