如何將變量的值賦值給之前的另一個變量？

Question

我的代碼是在這裏：

$array_letter = array("A","B","C","Ç","D","E","F","G","H","I","İ","J","K","L", 
         "M","N","O","P","R","S","Ş","T","U","Ü","V","Y","Z"); 

$sql = "SELECT id,city FROM city WHERE city LIKE '" .$array_letter[$i]."%'"; 

而且這些代碼之後：

for ($i=0;$i<27;$i++) { 
$result = mysql_query($sql); 
while ($row = mysql_fetch_array($result)) { 

echo "<h3>".$row['city']."</h3>"; 

    }  
} 

$ sql中是沒有意義的，因爲$array_letter[$i]將在那裏工作。但$ sql必須是這些設計代碼的頂部。因爲我編碼爲switch-case statement。根據要求，$sql將因此變化，因此我無法在for循環下編寫$sql。但是，我所有的查詢取決於$array_letter。我如何使$array_letter工作？

Answer 1

您應該使用mysqli驅動程序和準備的語句：

$st = $mysqli->prepare("SELECT id,city FROM city WHERE city LIKE ?'"); 
for ($i=0;$i<27;$i++) { 
    $st->bind_param("s", $array_letter[$i].'%'); 
    $st->execute(); 
    $result = $st->get_result(); 

    while ($row = $result->fetch_assoc()) { 
    echo "<h3>".$row['city']."</h3>"; 
    } 
} 

雖然這種情況下，我會建議只是在做一個大的查詢，是因爲它看起來像你得到的一切：SELECT id,city FROM city ORDER BY city ...

教育目的，另一種方法是做這樣的事情：

$sql = "SELECT * FROM foo WHERE bar='%s'"; 
mysql_query(sprintf($sql, "42")); 

這可能是在鄰有用有些情況下，但是如果您正在編寫SQL，那麼使用預準備語句會更加優雅地解決此問題，同時還有助於防止SQL注入攻擊並最大限度地減少服務器必須執行的SQL解析量。

Answer 2

你應該使用準備好的語句，正如馬修在他的回答中所提到的。

否則認爲這（使用PHP 5.3閉包）：

$sql = function($i) use ($array_letters) { 
    return "SELECT id,city FROM city WHERE city LIKE '" .$array_letter[$i]."%'"; 
} 

然後你的循環中：

mysql_query($sql($i)); 

Answer 3

這將有助於減少數據庫調用。

$array_letter = array("A","B","C","Ç","D","E","F","G","H","I","İ","J","K","L", 
        "M","N","O","P","R","S","Ş","T","U","Ü","V","Y","Z"); 
for($i=0;$i<count($array_letter);$i++){ 
if($i!=count($array_letter)-1) 
$qstring.="city like '".$array_letter[$i]."%' or "; 
else 
$qstring.="city like '".$array_letter[$i]."%'"; 
} 
$sql = "SELECT id,city FROM city WHERE ".$qstring; 
$result = mysql_query($sql); 
while ($row = mysql_fetch_array($result)) { 
echo "<h3>".$row['city']."</h3>"; 
    }