I'm trying to rewrite all of my standard MySQLi queries to MySQLi Prepared Statements.
I've noticed a problem though, whenever I have a variable that contains a hyphen, the execute() fails.
The variables I'm dealing with ($project_id) look like this: 'AAD0012003-01'.

    $get_progress_done = $db->prepare("SELECT COUNT(*) as rows FROM testvoorstage_checklists.?");
    $get_progress_done->bind_param("s", $project_id);
    $get_progress_done->execute();
    $get_progress_done->store_result();
    $get_progress_done->bind_result($rows);
    while($get_progress_done->fetch())
    {
        echo $rows;
    }

I've been searching for a solution for a couple of days now, and I still haven't found a way to 'escape' the hyphen in a variable.
I know the queries do work, because I've tried them in PHPMyAdmin with a set variable and they are working fine there.
I'm learning Prepared Statements, and I would love to know how to fix this because I have quite a lot of variables that contain special characters.
The error I'm getting is:
Call to a member function bind_param() on a non-object
Best answer
Your problem has nothing to do with hyphens or prepared statements. The real problem is your database design. Instead of having a separate table for each project, you have to store all the projects in the same table. Please name your variables sensibly. What $db->prepare returns is not, by any means, whatever $get_progress_done - it's merely a mysqli statement. So, this code will do:

    $sql = "SELECT COUNT(*) as rows FROM projects where project_id = ?";
    $stmt = $db->prepare($sql);
    $stmt->bind_param("s", $project_id);
    $stmt->execute();
    $stmt->bind_result($rows);
    $stmt->fetch();
    echo $rows;

However, I will never in my life understand PHP users who are writing 7 lines of code where only one is enough.
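
The failure mode from the question and the single-table query from the answer, side by side, as an added example that is not code from either poster. It shows why the error surfaced as "bind_param() on a non-object": without exception reporting, prepare() returns false when the server rejects the statement, and a placeholder in table-name position is rejected because placeholders stand for data values only. The connection details, the location of the `projects` table and the helper name `countProjectRows` are assumptions.

```php
<?php
// Added example. Host, credentials, schema and the helper name are assumptions;
// `projects` and `project_id` are the names used in the answer.

// Make mysqli throw on failure. Without this, prepare() returns false on a
// rejected statement and the next call fails with
// "Call to a member function bind_param() on a non-object".
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function countProjectRows(mysqli $db, string $projectId): int
{
    // The hyphenated ID travels as a bound value, so nothing needs escaping.
    $stmt = $db->prepare('SELECT COUNT(*) FROM projects WHERE project_id = ?');
    $stmt->bind_param('s', $projectId);
    $stmt->execute();
    $stmt->bind_result($count);
    $stmt->fetch();
    $stmt->close();
    return (int) $count;
}

$db = new mysqli('localhost', 'app_user', 'app_password', 'testvoorstage_checklists');

// The question's statement: a placeholder where a table name is expected.
// The server refuses it at prepare time, before any value is bound.
try {
    $db->prepare('SELECT COUNT(*) FROM testvoorstage_checklists.?');
} catch (mysqli_sql_exception $e) {
    echo 'prepare() rejected the statement: ', $e->getMessage(), PHP_EOL;
}

// The answer's design: one table, the project ID as an ordinary parameter.
echo countProjectRows($db, 'AAD0012003-01'), PHP_EOL;
```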