[英]How to use prepared statement with MySQLI?
$mysqli = new mysqli("localhost", "root", "", "test");
$mysqli->query('PREPARE mid FROM "SELECT name FROM test_user WHERE id = ?"');
// working code start
//$res = $mysqli->query('PREPARE mid FROM "SELECT name FROM test_user" ');
//$res = $mysqli->query( 'EXECUTE mid;') or die(mysqli_error($mysqli));
// working code end..
$res = $mysqli->query( 'EXECUTE mid 1;') or die(mysqli_error($mysqli));
while($resu = $res->fetch_object()) {
echo '<br>' .$resu->name;
}
Error:错误:
You have an error in your SQL syntax;
您的 SQL 语法有错误; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
检查与您的 MySQL 服务器版本相对应的手册,以获取在第 1 行的“1”附近使用的正确语法
my php version is PHP Version 5.3.0
and mysql我的 php 版本是
PHP Version 5.3.0
和 mysql
mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $
I got the correct result with out using the where clause
我在不使用
where clause
的情况where clause
得到了正确的结果
Use the prepare function for a SELECT query:对 SELECT 查询使用准备函数:
http://php.net/manual/en/mysqli.prepare.php http://php.net/manual/en/mysqli.prepare.php
/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) {
/* bind parameters for markers */
$stmt->bind_param("s", $city);
/* execute query */
$stmt->execute();
/* bind result variables */
$stmt->bind_result($district);
/* fetch value */
$stmt->fetch();
/* close statement */
$stmt->close();
}
http://dev.mysql.com/doc/refman/5.1/en/execute.html http://dev.mysql.com/doc/refman/5.1/en/execute.html
You need to have a using clause in the EXECUTE statement.您需要在 EXECUTE 语句中有一个 using 子句。 So you could do something like:
所以你可以这样做:
$mysqli = new mysqli("localhost", "root", "", "test");
$mysqli->query('PREPARE mid FROM "SELECT name FROM test_user WHERE id = ?"');
$mysqli->query('SET @var1 = 1;');
$res = $mysqli->query( 'EXECUTE mid USING @var1;') or die(mysqli_error($mysqli));
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.