MySQLi prepared update statement in PHP

Notice: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must do so under the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/10623405/

Time: 2020-08-24 22:38:58  Source: igfitidea

php sql mysqli xss

Asked by ???

How do you write a prepared update statement? Reference: mysqli::prepare

I've tried writing it as described:

    if ($stmt = $mysqli->prepare("UPDATE tblFacilityHrs SET title =? description = ? WHERE uid = ?")){
        $stmt->bind_param('sss', $title, $desc, $uid2);

        //Get params
        $title=$_POST['title'];
        $desc=$_POST['description'];
        $uid2=$_GET['uid'];

        $stmt->execute();
        $stmt->close();
    }
    else {
        //Error
        printf("Prep statment failed: %s\n", $mysqli->error);
    }

Error:

Prep statment failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'description = ? WHERE uid = ?' at line 1 Edited row.

Answered by Michael Berkowski

You're just missing a comma between the set columns:

UPDATE tblFacilityHrs SET title = ?, description = ? WHERE uid = ?
                                ^^^^^^

When MySQL reports an error the likes of "check the manual for syntax to use near 'something", look most often to the character immediately preceding the 'something, as that is where your error occurs.

Note: you may need to call bind_param() after setting the input variables rather than before. I can't remember how MySQLi parses them and when they're bound, but logically it makes more sense in code to set them first then bind anyway.

//Get params
$title=$_POST['title'];
$desc=$_POST['description'];
$uid2=$_GET['uid'];   

$stmt->bind_param('sss', $title, $desc, $uid2);

Answered by Madara's Ghost

You probably need to add commas:

$stmt = $mysqli->prepare("UPDATE tblFacilityHrs SET title = ?, description = ? WHERE uid = ?");

Answered by billyonecan

You are binding the parameters before assigning them to variables:

$title=$_POST['title'];
$desc=$_POST['description'];
$uid2=$_GET['uid']; 

$stmt->bind_param('sss', $title, $desc, $uid2);

edit: scratch that, it doesn't appear to make a difference whether or not the parameters are bound before or after you have defined the variables (you learn something new every day!), but like Michael said, logically it makes sense to define them first.

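The corrected statement from the answers as a complete script, added here as an example that is not part of the original thread. The connection values and the helper name updateFacilityHrs() are assumptions, and errors are raised as exceptions rather than by checking the return value of prepare().

```php
<?php
// Added example, not code from the original thread.
// Make mysqli throw mysqli_sql_exception instead of returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Update one row of tblFacilityHrs and return the number of rows changed.
 * updateFacilityHrs() is a hypothetical helper name.
 */
function updateFacilityHrs(mysqli $mysqli, string $title, string $desc, string $uid): int
{
    // Note the comma between the SET columns. The values never enter the SQL text.
    $stmt = $mysqli->prepare(
        'UPDATE tblFacilityHrs SET title = ?, description = ? WHERE uid = ?'
    );
    // bind_param() takes its arguments by reference: the values sent are
    // whatever the variables hold at the moment execute() runs.
    $stmt->bind_param('sss', $title, $desc, $uid);
    $stmt->execute();
    $changed = (int) $stmt->affected_rows; // 0 if the row already had these values
    $stmt->close();
    return $changed;
}

// Reject missing or non-string input (title[]=x would arrive as an array).
$title = $_POST['title'] ?? null;
$desc  = $_POST['description'] ?? null;
$uid   = $_GET['uid'] ?? null;
if (!is_string($title) || !is_string($desc) || !is_string($uid) || $uid === '') {
    http_response_code(400);
    exit('Missing or malformed input');
}

try {
    // Placeholder connection values (assumptions).
    $mysqli = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
    $mysqli->set_charset('utf8mb4');
    printf("Rows changed: %d\n", updateFacilityHrs($mysqli, $title, $desc, $uid));
} catch (mysqli_sql_exception $e) {
    // Keep SQL error detail in the server log, not in the response.
    error_log('Update failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Update failed');
}
```

Binding keeps the values out of the SQL text, which addresses injection only; since the question is also tagged xss, the stored title and description still need htmlspecialchars() when they are later written into HTML.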