PHP 和 mysqli 准备语句
[英]PHP and mysqli prepared statement
问题描述
I have created this function to select data from a database table:
我创建了这个函数来从数据库表中选择数据:
function data_users($dbc,$id){
$q = "SELECT * FROM users WHERE id = $id";
$r = mysqli_query($dbc,$q);
return $r;
}
How can I create the same function but this time with prepared statement?我怎样才能创建相同的函数,但这次使用准备好的语句? After that a usually call the function like this:之后,通常会像这样调用函数:
$result = data_users($dbc,$id);
while ($users_info = mysqli_fetch_assoc($result)) {
//do something
}
Can I use the same method after the change?更改后我可以使用相同的方法吗?
2 个解决方案
解决方案1
1 2016-09-19 07:57:31
Note that you can write such a function only of your PHP mysqli is built upon mysqlnd driver.请注意,您只能编写基于 mysqlnd 驱动程序的 PHP mysqli 这样的函数。 In such a case you can write it like this:在这种情况下,你可以这样写:
function data_users($dbc,$id){
$sql = "SELECT * FROM users WHERE id = ?";
$stmt = $dbc->prepare($sql);
$stmt->bind_param("i",$id);
$stmt->execute();
$result = $stmt->get_result();
return $result->fetch_assoc();
}
note that you shouldn't be afraid of the object syntax, it's really simple.请注意,您不应该害怕对象语法,它非常简单。
解决方案2
0 2016-09-19 07:37:41
if ($stmt = mysqli_prepare($db, "SELECT * FROM users WHERE id = ?")) {
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $result);
mysqli_stmt_fetch($stmt);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.