堆栈内存溢出
  简体   繁体   English

在预备语句中转换PHP预备语句

[英]Convert PHP Prepared Statements Within Prepared Statements

 原文  2015-08-04 21:27:03       php/ mysqli

问题描述

I'm trying to convert the following php code into a prepared statements. 我正在尝试将以下php代码转换为准备好的语句。

The code below querys for all games that has not started yet, delete all picks and then insert new picks. 下面的代码查询尚未开始的所有游戏,删除所有选择,然后插入新选择。 

$sql = "SELECT gameID, weekNum, gameTimeEastern FROM htb_schedule
            WHERE weekNum = " . $week . "
            AND (DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < gameTimeEastern
            AND DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < '" . $cutoffDateTime . "') ";

$query = $mysqli->query($sql);

if ($query->num_rows > 0) {

    while ($row = $query->fetch_assoc()) {

        $sql = "DELETE FROM htb_picks WHERE userID = " . $user->userID . " AND gameID = " . $row['gameID'];
        $mysqli->query($sql);

        if (!empty($_POST['game' . $row['gameID']])) {

            $sql = "INSERT INTO htb_picks (userID, gameID, pickID, weekN, timestamp) VALUES (" . $user->userID . ", " . $row['gameID'] . ", '" . $_POST['game' . $row['gameID']] . "', " . $week . ", NOW() )";
            $mysqli->query($sql);

        }
    }
}

The code below is my attempt at prepared statements. 下面的代码是我尝试准备的语句。 

$sql = "SELECT gameID, weekNum, gameTimeEastern FROM htb_schedule
            WHERE weekNum = ?
            AND (DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < gameTimeEastern
            AND DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < '" . $cutoffDateTime . "') ";

$stmt = $mysqli->prepare($sql);
$stmt->bind_param("i", $week);
$stmt->execute();
$stmt->bind_result($gameID, $weekNum, $gameTimeEastern);

if ($stmt->num_rows > 0) {

    while ($stmt->fetch()) {

        $sql = "DELETE FROM htb_picks WHERE userID = ? AND gameID = ? ";
        $stmt = $mysqli->prepare($sql);
        $stmt->bind_param("ii", $user->userID, $gameID);
        $stmt->execute();
        $stmt->close();

        if (!empty($_POST['game' . $row['gameID']])) {

            $sql = " INSERT INTO htb_picks (userID, gameID, pickID, weekN, timestamp) VALUES (?, ?, ?, ?, NOW()) ";
            $stmt = $mysqli->prepare($sql);
            $stmt->bind_param("iisi", $user->userID, $gameID, $_POST['game' . $row['gameID']], $week);
            $stmt->execute();
            $stmt->close();

        }
    }
}
$stmt->free_result();

The code is suppose to DELETE and INSERT results but it's not doing that. 该代码假定为DELETE和INSERT结果,但没有这样做。 What am I doing wrong? 我究竟做错了什么?

If I use the following code below it will work but the first sql is not a prepared statment. 如果我在下面使用以下代码,它将起作用,但是第一个sql不是准备好的语句。 

$sql = "SELECT * FROM htb_schedule
            WHERE weekNum = " . $week . "
            AND (DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < gameTimeEastern
            AND DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < '" . $cutoffDateTime . "') ";

$query = $mysqli->query($sql);

if ($query->num_rows > 0) {

    while ($row = $query->fetch_assoc()) {

        $sql = "DELETE FROM htb_picks WHERE userID = ? AND gameID = ? ";

        $stmt = $mysqli->prepare($sql);

        $stmt->bind_param("ii", $user->userID, $row['gameID']);

        $stmt->execute();

        $stmt->close();

        if (!empty($_POST['game' . $row['gameID']])) {

            $sql = " INSERT INTO htb_picks (userID, gameID, pickID, weekN, timestamp) VALUES (?, ?, ?, ?, NOW()) ";

            $stmt = $mysqli->prepare($sql);

            $stmt->bind_param("iisi", $user->userID, $row['gameID'], $_POST['game' . $row['gameID']], $week);

            $stmt->execute();

            $stmt->close();

        }
    }
}
$query->free;

1 个解决方案

解决方案1
 0  2015-08-04 21:40:51

You are over writing the $stmt that is controlling your while loop while you are inside the while loop. 当您在while循环中时,您已经写完了控制着while循环的$stmt You even ->close() it. 您甚至->close()它。

All you need to do is use a different variables name for the statement when you are inside the loop 您需要做的就是在循环内为语句使用不同的变量名称

Also you should check status of each mysqli command. 另外,您应该检查每个mysqli命令的状态。 

$sql = "SELECT gameID, weekNum, gameTimeEastern FROM htb_schedule
            WHERE weekNum = ?
            AND (DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < gameTimeEastern
            AND DATE_ADD(NOW(), INTERVAL " . SERVER_TIMEZONE_OFFSET . " HOUR) < '" . $cutoffDateTime . "') ";

$stmt = $mysqli->prepare($sql);
if ( ! $stmt ) {
    echo $mysqli->error;
}
$stmt->bind_param("i", $week);

if ( ! $stmt->execute() ) {
    echo $stmt->error;
}

$stmt->bind_result($gameID, $weekNum, $gameTimeEastern);

if ($stmt->num_rows > 0) {

    while ($stmt->fetch()) {

        $sql = "DELETE FROM htb_picks WHERE userID = ? AND gameID = ? ";
        $stmt2 = $mysqli->prepare($sql);
        if ( ! $stmt2 ) {
            echo $mysqli->error;
        }
        $stmt2->bind_param("ii", $user->userID, $gameID);
        if ( ! $stmt2->execute() )
        {
            echo $stmt2->error;
            exit;
         }

        $stmt2->close();

        // stmt2 is closed and finished with, so its name can be reused

        if (!empty($_POST['game' . $row['gameID']])) {

            $sql = "INSERT INTO htb_picks 
                            (userID, gameID, pickID, weekN, timestamp) 
                     VALUES (?, ?, ?, ?, NOW()) ";
            $stmt2 = $mysqli->prepare($sql);
            if ( ! $stmt2 ) {
                echo $mysqli->error;
            }

            $stmt2->bind_param("iisi", $user->userID, 
                                       $gameID, 
                                       $_POST['game' . $row['gameID']], 
                                       $week);

            if ( ! $stmt2->execute() )
            {
                echo $stmt2->error;
                exit;
             }

            $stmt2->close();

        }
    }
}
$stmt->close();

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP检查if语句中的准备好的语句 - php checking Prepared statements in if statements PHP在准备好的语句中的while循环失败 - php unsuccessful while loop within prepared statements PHP-MySQLi预准备语句 - PHP - MySQLi Prepared Statements 准备好的语句中的$ row [&#39;&#39;] PHP - $row[''] in prepared statements PHP PHP准备语句功能 - PHP Prepared Statements function PHP \\ MYSQL预备语句 - PHP\MYSQL prepared statements PHP多个准备好的语句 - PHP Multiple Prepared Statements 准备好的语句在PHP中不起作用 - Prepared statements not working in PHP PHP准备好的语句说明 - PHP prepared statements clarification PHP了解预备语句 - PHP Understanding Prepared Statements
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM