douxiong5972 2013-11-25 13:20
浏览 38

如何绑定post变量

just a quick question about binding in php

I know if you do something like 

$select = update my_table set name ='".$posted_name.'" where id=1;

and that is subjected to sql injection

but how will you bind the query below

$select = update my_table set name ='".$posted_name[$a].'" where id=1;

IN my bind array this is how I am binding anything without [$a]

for any example with the first statement I am doing 

   $select = update my_table set name =:p_update_name where id=1;

   $bind_update = array('p_update_name' => $t_update_name);
  • 写回答

2条回答 默认 最新

  • duanjurong1347 2013-11-25 13:26
    关注

    Try like this:

    $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);

// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
    评论

报告相同问题?

悬赏问题

  • ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
  • ¥15 数据可视化Python
  • ¥15 要给毕业设计添加扫码登录的功能!!有偿
  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥15 stable diffusion
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘