使用php echo語句添加where子句

Question

我有下面的查詢，它工作得很好。

我可以作出聲明找到登錄的用戶ID：

$memberID = getLoggedMemberID(); 

是否可以添加到下面的SQL查詢嗎？喜歡的東西：你的意思是這樣

WHERE membership_userrecords.MemberID = $memberID 

任何意見將是巨大的

<?php 
$servername = "localhost"; 
$username = "root"; 
$password = "fdggsdtw3fg3f"; 
$dbname = "crm4"; 
// Create connection 
$conn = new mysqli($servername, $username, $password, $dbname); 

// Check connection 
if ($conn->connect_error) { 
    die("Connection failed: " . $conn->connect_error); 
} 
      $memberID = getLoggedMemberID(); 

       $sql = "select * from membership_userrecords INNER JOIN Orders ON membership_userrecords.pkValue = Orders.id"; 

$result2 = $conn->query($sql); 
$row = $result2->fetch_assoc(); 
echo $row["id14"]; 

?> 

Answer 1

？

$ sql =「select * from membership_userrecords INNER JOIN Orders ON membership_userrecords.pkValue = Orders.id WHERE membership_userrecords.MemberID =」。 mysql_real_escape_string（$ memberId）;

要驗證這一點，您可以打印$ sql並檢查memberId是否被成功替換。

Answer 2

最簡單的形式，你可以改變：

$sql = "select * from membership_userrecords 
INNER JOIN Orders ON membership_userrecords.pkValue = Orders.id"; 

要：

$sql = "select * from membership_userrecords 
INNER JOIN Orders ON membership_userrecords.pkValue = Orders.id 
WHERE membership_userrecords.MemberID = " . mysql_real_escape_string($memberID); 

Answer 3

去你在您的評論說，我認爲以下可能是你以後在做什麼：

$memberID = getLoggedMemberID(); 

$sql = "SELECT * 
     FROM membership_userrecords 
     INNER JOIN Orders ON membership_userrecords.pkValue = Orders.id 
     WHERE membership_userrecords.MemberID = ?"; 

$statement = $conn->prepare($sql); 
$statement->bind_param('i', $memberID); 

$result2 = $statement->execute();