dtsc14683 2013-05-07 18:10
浏览 30
已采纳

PHP MySQLi bind_param()混乱

Long story short, I've gotten this far:

$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s",$_GET['slug']);

But I'm completely confused on how to get the result into an associative array. I tried

$stmt = $mysqli->prepare($sql);
$result = $stmt->bind_param("s",$_GET['slug']);
while ($row = $result->fetch_assoc()) {
    printf ("%s (%s)
", $row["website_name"], $row["subheading"]);
}

I don't think I could use $mysqli->query($query) instead of a prepared statement, 'cause that seems like it would leave me open to SQL Injection attacks. Yet, that's the bit of code used in the PHP documentation for doing what I want to do. So I can't find anything that shows how to take the results of a prepared statement and move it into an associative array. Does anyone know? Is it even possible?

  • 写回答

2条回答 默认 最新

  • doucheng4094 2013-05-07 18:19
    关注

    Mysqli has two ways of doing queries.

    You can use prepared statements, where you use bind_param to fill in the placeholders, execute() to perform the query, and bind_result to receive the results.

    Or you can use statements with variables interpolated, like mysql. Then you can use fetch_assoc to receive the results into an associative array.

    I don't think you can mix these two approaches. You can't bind the parameters and then use a fetch function to receive results. If you want that ability, use PDO instead.

    It's annoying, IMHO.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 公交车和无人机协同运输
  • ¥15 stm32代码移植没反应
  • ¥15 matlab基于pde算法图像修复,为什么只能对示例图像有效
  • ¥100 连续两帧图像高速减法
  • ¥15 组策略中的计算机配置策略无法下发
  • ¥15 如何绘制动力学系统的相图
  • ¥15 对接wps接口实现获取元数据
  • ¥20 给自己本科IT专业毕业的妹m找个实习工作
  • ¥15 用友U8:向一个无法连接的网络尝试了一个套接字操作,如何解决?
  • ¥30 我的代码按理说完成了模型的搭建、训练、验证测试等工作(标签-网络|关键词-变化检测)