将mysqli存储结果作为字符串

I am trying to find the corresponding bookId for the bookName received from post in a way to avoid errors caused by quotes within the books name.

I am attempting to bind the param to $stmt as $bookName and storing the result as $stmt but

echo $stmt;

gives this error:

Recoverable fatal error: Object of class mysqli_stmt could not be converted to string

So I am not sure what I am doing...

  $bookName = trim($_POST['bookName']);

  $sql = "SELECT bookId FROM Book WHERE bookName = ?";

  if($stmt = mysqli_prepare($conn, $sql)){
      mysqli_stmt_bind_param($stmt, "s", $bookName);
      if((mysqli_stmt_execute($stmt))){
          mysqli_stmt_store_result($stmt);
      }
      else{
            header("location: error.php");
      }
  }

I was to save the bookId as $bookId

The following code does what I needed

  if($stmt = mysqli_prepare($conn, $sql)){
      mysqli_stmt_bind_param($stmt, "s", $bookName);
      if((mysqli_stmt_execute($stmt))){
          $result = mysqli_stmt_get_result($stmt);
          while ($row = mysqli_fetch_array($result, MYSQLI_NUM))
            {
                foreach ($row as $r)
                {
                    $bookId = $r;
                }

            }
       }
      else{
            header("location: error.php");
      }
  }

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dreamy1992 2018-08-30 09:13
关注
I think you are confused in between two functions mysqli_stmt_store_result and mysqli_stmt_get_result have to see this link in documentation.

You have to use mysqli_stmt_get_result function.

mysqli_stmt_get_result Documentation Link

if((mysqli_stmt_execute($stmt))){ mysqli_stmt_store_result($stmt); }

Replace above code with

if((mysqli_stmt_execute($stmt))){ // mysqli_stmt_store_result($stmt); not to use $result = mysqli_stmt_get_result($stmt); $row = mysqli_fetch_array($result, MYSQLI_NUM); echo $row; //as i dont have database details i hope this work. }

See Example Two in documentation link for more certification.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

将mysqli存储结果作为字符串 css html php
2018-08-30 09:00

回答 1 已采纳 I think you are confused in between two functions mysqli_stmt_store_result and mysqli_stmt_get_res
PHP MySqli如何将blob作为0x00000字符串？ php
2018-08-11 11:35

回答 1 已采纳 0x is just a convention for expressing hexadecimal values. The 0x10c8431200 hexadecimal value is
将MySQLi查询结果存储在PHP变量中 php
2016-08-19 02:38

回答 2 已采纳 There is some issue in your code. I have fetched associative array amd print gust name.
server sql 分组去重 字符串拼接_渗透小结-SQL注入篇
2021-01-12 18:31

weixin_39950057的博客什么是sql注入sql注入是一种将sql代码添加到输入参数中，传递到sql解析并执行的一种攻击手法，通过SQL语句，实现无账号登录，甚至篡改数据库。因此，SQL注入也是OWSP TOP 10的常客。寻找sql注入漏洞的方法1、识别web...
Mysqli查询返回空字符串 php
2013-09-10 15:47

回答 1 已采纳 According to this commenter, the "proper procedure order is: prepare -> execute -> stor
PHP我们将一个字符串变量作为函数的参数 php
2018-12-23 21:12

回答 1 已采纳 That is just not how this works. If you want to make a piece of code reusable or just move it else
警告：非法字符串偏移PHP Mysqli mysql php
2017-06-12 01:06

回答 1 已采纳 You are trying to reaches a part of the array that was overwritten. After running $rows = $rows["n
PHP笔记：取得记录中文乱码，数据库数字型到php中变字符串
2022-10-18 18:04

shanql的博客取得记录中文乱码，数据库数字型到php中变字符串
数组到字符串转换“数组”存储到数据库 mysql php
2018-06-10 15:10

回答 1 已采纳 When you run... mysqli_stmt_bind_param($stmt, "ss", $row ,$cityname); $row is retrieved in...
将字符串与字符串分开并存储在单独的行中 php
2017-02-19 20:18

回答 1 已采纳 You did a lot of coding that wasn't nessesary. I've updated the code and added some comments on ho
获取错误：类mysqli的对象无法转换为字符串 html php
2018-07-31 05:17

回答 1 已采纳 I can see two problems in your code. Firstly, on this line: $query = sprintf($link, "SELECT * FRO
字符串算法金策_【上海金大师面试|面试题】-看准网
2020-12-19 18:45

weixin_39671964的博客 //将数组转换为URL请求字符串 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_TIMEOUT, 1); curl_exec($ch); curl_close($ch); 4、使用...
PHP在点击时将超链接字符串存储到变量中 mysql php
2017-04-22 08:47

回答 2 已采纳 you did not build your link correctly, it should be <a href = "task8.php?staffID=<?php echo
mysql转义<>,mysql真正的转义字符串绝对解决sql注入
2021-01-18 23:38

weixin_39918747的博客 I want to know if I add mysql_real_escape_string to my variables that's enough to solve sql injection$get_id = "select * from `book` where id='".$mysqli->real_escape_string($id)."' limit 1";解决...
PHP基础语法学习(前端了解)
2022-08-21 23:24

螺丝福-傅栏氪邻的博客按照字符串存储（“a=1;n=2”) 4.存储大小50条左右（4kb） 5.默认会话级别的时效，可以手动关闭实现7天免登录 6.前后端都可以操作 7.如果有数据，发送请求时自动携带（cookie注入xss脚本攻击） cookie...
前端JSON
2022-07-27 13:43

m0_63636870的博客将JavaScript对象转换为JSON格式数据。
DVWA 之 XSS（stored）存储型XSS
2022-10-08 20:18

RexHarrr的博客 dvwa 存储型XSS
学堂在线笔记——前端与后台的故事——SQL语言及其编程
2022-02-14 21:36

子曰礼的博客学堂在线网课，前端与后台的故事——SQL语言及其编程（2022-01-18至2022-07-18版本），第一到第二十七章
结合DVWA-存储型XSS
2022-01-10 23:45

发奋的鼹鼠的博客结果发现name输入框有长度限制，本人使用的火狐浏览器，f12，发现name长度为10，直接在代码里修改，比如为30。然后再name输入框中进行js代码注入。如： <script>alert(document.cookie)</script> ...
没有解决我的问题, 去提问

悬赏问题

¥15 关于#matlab#的问题：在模糊控制器中选出线路信息，在simulink中根据线路信息生成速度时间目标曲线（初速度为20m/s，15秒后减为0的速度时间图像）我想问线路信息是什么
¥15 banner广告展示设置多少时间不怎么会消耗用户价值
¥16 mybatis的代理对象无法通过@Autowired装填
¥15 可见光定位matlab仿真
¥15 arduino 四自由度机械臂
¥15 wordpress 产品图片 GIF 没法显示
¥15 求三国群英传pl国战时间的修改方法
¥15 matlab代码代写，需写出详细代码，代价私
¥15 ROS系统搭建请教（跨境电商用途）
¥15 AIC3204的示例代码有吗，想用AIC3204测量血氧，找不到相关的代码。

将mysqli存储结果作为字符串

1条回答 默认 最新

悬赏问题

1条回答默认最新