
prepare() vs query() mysqli

  •  5
  • Mike  · Tech Community  · 14 years ago

    // this works
    if ($query = $this->db->query("SELECT html FROM static_pages WHERE page = 'cities'")) {
        $result = $query->fetch_row();
        echo $result[0];
        $query->close();
    }

    // this does not work
    // result is empty
    $cities = 'cities';

    $stmt = $this->db->prepare("SELECT html FROM static_pages WHERE page = ?");
    $stmt->bind_param("s", $cities);
    $stmt->execute();
    $stmt->bind_result($result);
    $stmt->fetch();
    echo $result;
    $stmt->close();

    $this->db->close();
    

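    Here is my server configuration:

    Operating system

    mysqli

    MysqlI Support enabled

    Client API library version 5.0.51a

    MYSQLI_SOCKET /tmp/mysql.sock

    Directive Local Value Master Value

    mysqli.default_host no value no value

    mysqli.default_pw no value no value

    mysqli.default_socket no value no value

    mysqli.reconnect Off Off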

    3 replies  |  up to 14 years ago
        1
  •  2
  •   a1ex07    14 years ago

    Can you try $stmt->store_result(); between $stmt->execute(); and $stmt->bind_result($result); ?

        2
  •  2
  •   VolkerK    14 years ago

    Any of the mysqli functions can fail. In that case the return value is false and the mysqli/mysqli_stmt object contains details about the error. The script

    <?php
    $foo = new Foo;
    $foo->init();
    $foo->bar();
    class Foo {
      public function bar() {
        $cities = 'cities';  
        $stmt = $this->db->prepare("SELECT html FROM soTest WHERE page = ?");
        if ( !$stmt ) {
          echo "prepare failed\n";
          echo "error: ", $this->db->error, "\n";
          return;
        }
    
        $rc = $stmt->bind_param("s", $cities);
        if ( !$rc ) {
          echo "bind_param failed\n";
          echo "error: ", $stmt->error, "\n";
          return;
        }
    
        $rc=$stmt->execute();
        if ( !$rc ) {
          echo "execute failed\n";
          echo "error: ", $stmt->error, "\n";
          return;
        }
    
        $rc = $stmt->bind_result($result);
        if ( !$rc ) {
          echo "bind_result failed\n";
          echo "error: ", $stmt->error, "\n";
          return;
        }
    
        $rc = $stmt->fetch();
        if ( !$rc ) {
          echo "no such record\n";
        }
        else {
          echo 'result: ', $result, "\n";
        }
        $stmt->close();
      }
    
      public function init() {
        $this->db = new mysqli('localhost', 'localonly', 'localonly', 'test');
        if ($this->db->connect_error) {
          die('connection failed: ' . $this->db->connect_error);
        }
        $rc = $this->db->query('CREATE TEMPORARY TABLE
          soTest (id int auto_increment, html varchar(16), page varchar(16),primary key(id))'
        );
        if ( !$rc ) {  die('error: '.$this->db->error); }
        $rc = $this->db->query("INSERT INTO soTest (html,page) VALUES ('htmlFoo','foo'),('htmlCities','cities')");
        if ( !$rc ) {  die('error: '.$this->db->error); }
      }
    }
    

    Keep CWE-209: Information Exposure Through an Error Message in mind with die().
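
One way to apply the CWE-209 remark to the script above, as an added example that is not part of the original answer: mysqli is switched to exception mode, the detailed error goes to the server log, and the client sees only a generic message with a reference id. The helper name `fetchPageHtml` and the reference-id scheme are assumptions; the connection values and the `soTest` table are taken from the answer's script.

```php
<?php
// Added example: credentials, table and column names come from the answer's
// test script; fetchPageHtml() and the reference id are hypothetical.

// Make every mysqli failure throw instead of returning false, so no call
// can fail silently (this is the default from PHP 8.1 on).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/** Return the html column for $page, or null when no row matches. */
function fetchPageHtml(mysqli $db, string $page): ?string
{
    $stmt = $db->prepare('SELECT html FROM soTest WHERE page = ?');
    $stmt->bind_param('s', $page);
    $stmt->execute();
    $stmt->store_result();          // buffer the result set client-side
    $stmt->bind_result($html);
    $found = $stmt->fetch();        // true, or null when there is no row
    $stmt->close();
    return $found ? $html : null;
}

try {
    $db = new mysqli('localhost', 'localonly', 'localonly', 'test');
    $db->query('CREATE TEMPORARY TABLE soTest (
        id int auto_increment, html varchar(16), page varchar(16), primary key(id))');
    $db->query("INSERT INTO soTest (html,page) VALUES ('htmlFoo','foo'),('htmlCities','cities')");

    $html = fetchPageHtml($db, 'cities');
    echo $html === null ? "no such record\n" : "result: $html\n";
} catch (mysqli_sql_exception $e) {
    // Full detail (driver message, error code, file/line) stays server-side.
    $incident = bin2hex(random_bytes(4));
    error_log(sprintf('[db %s] %s (errno %d) at %s:%d',
        $incident, $e->getMessage(), $e->getCode(), $e->getFile(), $e->getLine()));

    // The client only gets a generic message plus an id to quote to support.
    if (PHP_SAPI !== 'cli') {
        http_response_code(500);
    }
    echo "Internal error (ref $incident)\n";
}
```

Without a reachable database the `new mysqli(...)` call itself throws, so the script still runs and shows the generic failure path.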

        3
  •  0
  •   Mchl    14 years ago

    echo $result; echo $results;