1. 首頁
  2. 問答
  3. 如何使用mysqli預處理語句綁定N個參數?

如何使用mysqli預處理語句綁定N個參數?

2012-06-22 57 views
0

在舊版本的MySQL的代碼,我有低於該查詢工作完全是在下面:如何使用mysqli預處理語句綁定N個參數?

$questioncontent = (isset($_GET['questioncontent'])) ? $_GET['questioncontent'] : ''; 

$searchquestion = $questioncontent; 
$terms = explode(" ", $searchquestion); 

$questionquery = " 
SELECT q.QuestionId, q.QuestionContent, o.OptionType, an.Answer, r.ReplyType, 
    FROM Answer an 
    INNER JOIN Question q ON q.AnswerId = an.AnswerId 
    JOIN Reply r ON q.ReplyId = r.ReplyId 
    JOIN Option_Table o ON q.OptionId = o.OptionId 

       WHERE "; 

    foreach ($terms as $each) {  
     $i++;   

     if ($i == 1){   
      $questionquery .= "q.QuestionContent LIKE `%$each%` ";  
      } else {   
       $questionquery .= "OR q.QuestionContent LIKE `%$each%` ";  
       } 
       } 

       $questionquery .= "GROUP BY q.QuestionId, q.SessionId ORDER BY "; $i = 0; foreach ($terms as $each) {  
        $i++;  

     if ($i != 1)   
     $questionquery .= "+";  
     $questionquery .= "IF(q.QuestionContent LIKE `%$each%` ,1,0)"; 
     } 

     $questionquery .= " DESC ";

但由於舊的MySQL是漸行漸遠,人們都在說使用PDO或mysqli的(不能使用,因爲PDO的版本的PHP我目前得到),我試着改變我的代碼到mysqli,但這是給我的問題。在下面的代碼中,我省去了bind_params命令,我的問題是如何在下面的查詢中綁定參數?它需要能夠結合多個$each因爲用戶能夠在輸入多個術語,並且每個$each被歸類爲一個術語。

下面是同一查詢當前的mysqli代碼:

 $questioncontent = (isset($_GET['questioncontent'])) ? $_GET['questioncontent'] : ''; 

     $searchquestion = $questioncontent; 
     $terms = explode(" ", $searchquestion); 

     $questionquery = " 
     SELECT q.QuestionId, q.QuestionContent, o.OptionType, an.Answer, r.ReplyType, 
      FROM Answer an 
      INNER JOIN Question q ON q.AnswerId = an.AnswerId 
      JOIN Reply r ON q.ReplyId = r.ReplyId 
      JOIN Option_Table o ON q.OptionId = o.OptionId 

         WHERE "; 

    foreach ($terms as $each) {  
       $i++;   

       if ($i == 1){   
    $questionquery .= "q.QuestionContent LIKE ? ";  
        } else {   
    $questionquery .= "OR q.QuestionContent LIKE ? ";  
         } 
         } 

$questionquery .= "GROUP BY q.QuestionId, q.SessionId ORDER BY "; $i = 0; foreach ($terms as $each) {  
          $i++;  

       if ($i != 1)   
       $questionquery .= "+";  
       $questionquery .= "IF(q.QuestionContent LIKE ? ,1,0)"; 
       } 

       $questionquery .= " DESC "; 



      $stmt=$mysqli->prepare($questionquery);  
      $stmt->execute(); 
      $stmt->bind_result($dbQuestionId,$dbQuestionContent,$dbOptionType,$dbAnswer,$dbReplyType); 
      $questionnum = $stmt->num_rows();

來源

2012-06-22 user1394925

回答

4

看看這個SO Post談到有關使用call_user_func_arraybind_param()

PHP Docs on mysqli_stmt_bind_param它下面說...

注:

保健必須與call_user_func_array結合 使用mysqli_stmt_bind_param()時,應考慮()。需要注意的是mysqli_stmt_bind_param() 需要參數以引用的方式傳遞,而 call_user_func_array()可以作爲參數接受的變量 可以表示的引用或值的列表。

你要使用這樣的

call_user_func_array(array($stmt, 'bind_param'), $terms);

,它是由你來確保?字符正確的號碼出現在你的SQL字符串$stmt

[編輯]

這裏的工作示例

// user entered search strings 
$user_terms = array("a", "b", "c"); 

// append your wildcard "%" to all elements. you must use "&" reference on &$value 
foreach ($user_terms as &$value) { 
    $value = '%'.$value.'%'; 
} 

$types = ""; 
for($i = 0; $i<sizeof($user_terms); $i++) { 
    $types .= "s"; 
} 

$terms = array_merge(array($types), $user_terms); 

// the array $terms now contains: { "sss", "%a%", "%b%", "%c%" } 

$sql = "SELECT ... ?,?,?" // edit your sql here 

$stmt = $mysqli->prepare($sql) 

call_user_func_array(array($stmt, 'bind_param'), $terms);

來源

2012-06-22 08:34:53 Brad

+0

我會搏一搏,但我猜的代碼行會是這樣的:'call_user_func_array(陣列($語句,'bind_param'),$ each); '?我也需要將$與$ each連接起來,因爲它是一個LIKE語句?莫非這樣代替'call_user_func_array(陣列($語句, 'bind_param'),$每= '%' $各 '%'。); '? – user1394925

+0

好的,我嘗試這樣:'call_user_func_array(陣列($語句, 'bind_param'),$每= '%' $各 '%'。); '但是如果我在正確的詞語輸入諸如「AAA」,它無法找到結果作爲舊版本的MySQL代碼,它沒有找到工作的結果代碼 – user1394925

+0

更新的答案。關鍵是要確保'$ types'變量具有相同數量的's'字符作爲搜索$ user_terms也必須在'$ sql'匹配的'?'字符數 – Brad

相關問題

 相關問題