[英]How can I use implode on bind_param?
So I have a create account method and within that an associative array called userInfo
. 因此,我有一个create account方法,并且在其中有一个名为
userInfo
的关联数组。 This is the array: 这是数组:
$userInfo = array(
'username' => $username,
'salt' => $this->passwordHash('Extra Protection is a good thing'),
'password' => $this->passwordHash($password)
);
Now I am "Trying" to use implode with the prepared statement. 现在,我正在“尝试”在准备好的语句中使用内爆。 I seem to be getting a
No data supplied for parameters in prepared statement
error when it attempts to bind the parameters. 当它试图绑定参数时,似乎
No data supplied for parameters in prepared statement
错误中No data supplied for parameters in prepared statement
。
Here is the statement: 这是声明:
if ( ! ($stmt = $this->Connection()->prepare("INSERT INTO " . $this->_info['Prefix'] . "users
(`".implode("`, `", array_keys($userInfo))."`) VALUES (?, ?, ?)")))
{
echo 'Prepare Failed: ' . $stmt->error . '<br />';
}
if ( ! $stmt->bind_param('sss', implode("', '", $userInfo)))
{
echo 'Bind Failed: ' . $stmt->error . '<br />';
}
if ( ! $stmt->execute())
{
echo 'Execute Failed: ' . $stmt->error . '<br />';
}
I originally used real_escape_string
and the query did execute correctly. 我最初使用
real_escape_string
,并且查询正确执行。 It's just the prepared statement that it doesn't like. 这只是它不喜欢的准备好的陈述。
What is wrong with it? 怎么了
You don't properly understand prepared statements. 您没有正确理解准备好的语句。 Each inserted value would be prepared according to it's table field definintion.
每个插入的值将根据其表字段定义进行准备。 This is your query for example:
例如,这是您的查询:
INSERT
INTO users (`username`, `salt`, `password`)
VALUES ('john', 'somesalt', 'somepassword');
So value jonh
will be prepared according to username
field settings, somesalt
- according to salt
, etc. 因此,值
jonh
将根据username
somesalt
段设置, somesalt
根据salt
等进行准备。
So what are your errors here (i skip implode
and etc): 那么您在这里的错误是什么(我跳过内
implode
等):
When you do: 当您这样做时:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?, ?, ?)");
$stmt->bind_param('sss', implode("', '", $userInfo))
it's wrong because query expects 3 string ( s
), each string will be prepared according to field settings, and you're giving only one. 这是错误的,因为查询预计3串(
s
),每个字符串将根据现场设置的准备,而你只给一个。
When you change to this: 当您更改为此:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?)");
$stmt->bind_param('s', implode("', '", $userInfo))
it's wrong too, because here comes query error. 这也是错误的,因为这里出现查询错误。 You want to insert three fields but give value for one field only.
您只想插入三个字段,但只给一个字段赋值。
So what you really should do is: 因此,您真正应该做的是:
$stmt = $this->Connection()->prepare("INSERT INTO "
. $this->_info['Prefix']
. "users (`user`, `salt`, `password`) values (?, ?, ?)");
$stmt->bind_param('sss', $userInfo['username'], $userInfo['salt'], $userInfo['password']);
So, in the end it's impossible to use implode
with bind_param
in mysqli (I hope it's mysqli), and if you want to know hot to use bind_param
with array of values - you should read this comment on php.net - http://ru2.php.net/manual/ru/mysqli-stmt.bind-param.php#104073 因此,最后,不可能在mysqli中将
implode
与bind_param
一起使用(我希望它是mysqli),并且如果您想知道结合使用具有值数组的bind_param
您应该在php.net上阅读此注释-http:// ru2.php.net/manual/ru/mysqli-stmt.bind-param.php#104073
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.