使用 PHP 准备好的语句检索 sql 数据库信息
Retrieving sql database information with PHP prepared statements
我想在 table 中找到用户名并获取完整的名字和姓氏,连接并绑定到一个变量($usernames)。这是一个较大的登录文件中的一段代码,其中定义了 $link 等,并且连接正常:
$param_username = "x";
$users_fname = $users_sname = "";
$sql = "SELECT users_fname, users_sname FROM users WHERE users_username = ?";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_username);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $users_fname, $users_sname);
$usernames = $users_fname . $users_sname;
$_SESSION["username"] = $usernames;
echo $_SESSION["username"];
谁能发现我可能做错了什么?
正在执行的语句似乎 return row/columns 直接在数据库上 运行 时就好了,即:
SELECT users_fname, users_sname FROM users WHERE users_username = 'x';
在这一行之后:
mysqli_stmt_bind_result($stmt, $users_fname, $users_sname);
添加:
mysqli_stmt_fetch($stmt);
然后:
$usernames = $users_fname . $users_sname;
$_SESSION["username"] = $usernames;
echo $_SESSION["username"];
你永远不会从服务器上获取任何东西。您必须使用 get_result()
才能得到结果。
$param_username = "x";
$sql = "SELECT CONCAT(users_fname, users_sname) AS fullname FROM users WHERE users_username = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("s", $param_username);
$stmt->execute();
$data = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
$_SESSION["username"] = $data[0]['fullname'];
我不推荐使用bind_result()
,但是如果你想使用这个函数,那么你可以通过以下方式来实现:
$param_username = "x";
$sql = "SELECT CONCAT(users_fname, users_sname) AS fullname FROM users WHERE users_username = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("s", $param_username);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($_SESSION["username"]);
$stmt->fetch(); // execute for each row if you have more than 1
使用 PDO 这会快得多。
我想在 table 中找到用户名并获取完整的名字和姓氏,连接并绑定到一个变量($usernames)。这是一个较大的登录文件中的一段代码,其中定义了 $link 等,并且连接正常:
$param_username = "x";
$users_fname = $users_sname = "";
$sql = "SELECT users_fname, users_sname FROM users WHERE users_username = ?";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_username);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $users_fname, $users_sname);
$usernames = $users_fname . $users_sname;
$_SESSION["username"] = $usernames;
echo $_SESSION["username"];
谁能发现我可能做错了什么?
正在执行的语句似乎 return row/columns 直接在数据库上 运行 时就好了,即:
SELECT users_fname, users_sname FROM users WHERE users_username = 'x';
在这一行之后:
mysqli_stmt_bind_result($stmt, $users_fname, $users_sname);
添加:
mysqli_stmt_fetch($stmt);
然后:
$usernames = $users_fname . $users_sname;
$_SESSION["username"] = $usernames;
echo $_SESSION["username"];
你永远不会从服务器上获取任何东西。您必须使用 get_result()
才能得到结果。
$param_username = "x";
$sql = "SELECT CONCAT(users_fname, users_sname) AS fullname FROM users WHERE users_username = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("s", $param_username);
$stmt->execute();
$data = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
$_SESSION["username"] = $data[0]['fullname'];
我不推荐使用bind_result()
,但是如果你想使用这个函数,那么你可以通过以下方式来实现:
$param_username = "x";
$sql = "SELECT CONCAT(users_fname, users_sname) AS fullname FROM users WHERE users_username = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("s", $param_username);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($_SESSION["username"]);
$stmt->fetch(); // execute for each row if you have more than 1
使用 PDO 这会快得多。