标签:预编译 传值 res etc while 防止 echo result fetch
<?php
/**
* mysqli预编译
*/
//1、创建mysqli对象
$mysqli = new MYSQLI("wk.php","root","root","db_text");
!$mysqli->connect_error or die("连接失败".$mysqli->connect_error);
//2、创建预编译对象
$sql = "INSERT INTO t_user2(name,pwd,sex,age,birthday) VAlUES(?,?,?,?,?)";
$mysqli_stmt = $mysqli->prepare($sql);
//3、绑定参数(给?传值,必须传变量)
$name = "赵六";
$pwd = "123";
$sex = 1;
$age = 20;
$birthday = "1990-2-2";
$mysqli_stmt->bind_param("ssiis",$name,$pwd,$sex,$age,$birthday);
//4、执行
$b = $mysqli_stmt->execute();
if($b){
echo "执行成功";
}else{
echo "执行失败".$mysqli_stmt->error;
}
$mysqli_stmt->close();
$mysqli->close();
<?php
/**
* mysqli预编译查询
* 预编译可以防止sql注入攻击
*/
//1、创建mysqli对象
$mysqli = new MYSQLI("wk.php","root","root","db_text");
!$mysqli->error or die("连接失败".$mysqli->connect_error);
//2、创建预编译对象
$sql = "select id,name,age from t_user2 where id > ?";
$mysqli_stmt = $mysqli->prepare($sql);
//3、绑定参数(给占位符传值)
$id = 55;
$mysqli_stmt->bind_param("i",$id);
//4、绑定结果集
$result = $mysqli_stmt->bind_result($id,$name,$age);
//5、执行
$mysqli_stmt->execute();
//6、取出绑定的值
while($mysqli_stmt->fetch()){
echo "----$id-----$name-----$age<br>";
}
echo "****************<br>";
$id = 60;
$mysqli_stmt->bind_param("i",$id);
// $result = $mysqli_stmt->bind_result($id,$name,$age);
$mysqli_stmt->execute();
while($mysqli_stmt->fetch()){
echo "----$id-----$name-----$age<br>";
}
$mysqli_stmt->free_result();
$mysqli_stmt->close();
$mysqli->close();
?>
标签:预编译 传值 res etc while 防止 echo result fetch
原文地址:http://www.cnblogs.com/kuku2/p/7672649.html
