看着你的佔位符的動態創建:
$in = "'" . implode("','", array_fill(0, count($finalArray), '?')) . "'";
所以似乎與'
報價創建它們。佔位符不需要引用。
$in = implode(',', array_fill(0, count($finalArray), '?'));
$query = "UPDATE products SET Status = 'Reserved' WHERE SerialNumber IN ($in)";
$statement = $mysqli->prepare($query);
然後,在指定類型,你不需要他們還引述:
$statement->bind_param(str_repeat('s', count($finalArray)), $finalArray);
旁註:留意,你也不必動態調用bind_param
通call_user_func_array()
因爲你會使用數組。本部分討論thoroughly。
雖然我建議/喜歡使用PDO的->execute()
:
$pdo = new PDO('mysql:host=localhost;dbname=DATABASE NAME', 'username', 'password');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$in = implode(',', array_fill(0, count($finalArray), '?'));
$query = "UPDATE products SET Status = 'Reserved' WHERE SerialNumber IN ($in)";
$statement = $pdo->prepare($query);
$statement->execute($finalArray);
另一種方法使用Reflection
:
$in = implode(',', array_fill(0, count($finalArray), '?'));
$type = str_repeat('s', count($finalArray));
$query = "UPDATE products SET Status = 'Reserved' WHERE SerialNumber IN ($in)";
$statement = $mysqli->prepare($query);
$ref = new ReflectionClass('mysqli_stmt');
$method = $ref->getMethod('bind_param');
array_unshift($finalArray, $type); // prepend the 'sss' inside
$method->invokeArgs($statement, $finalArray);
$statement->execute();
謝謝,懂了工作。 – Wes
肯定@很高興這有幫助 – Ghost