創建用戶失敗Mysqli準備語句

Question

我想創建一個簡單的PHP腳本來創建和分配給SQL用戶的屬性。查詢工作正常，如果沒有參數使用，但失敗，否則。

做工精細

$conn = new mysqli('127.0.0.1', 'root', 'pass'); 
$sql = "CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password'"; 
$stmt = $conn->prepare($sql); 
$stmt->execute(); 

兩個用戶名和密碼?

$conn = new mysqli('127.0.0.1', 'root', 'pass'); 
$sql = "CREATE USER '?'@'localhost' IDENTIFIED BY '?'"; 
$stmt = $conn->prepare($sql); 
$uname = "carn"; 
$pass = "pass"; 
$stmt->bind_param('ss', $uname, $pass); 
$stmt->execute(); 

兩個用戶名和密碼都在語法?

$conn = new mysqli('127.0.0.1', 'root', 'pass'); 
$sql = 'CREATE USER "?"@"localhost" IDENTIFIED BY "?"'; 
$stmt = $conn->prepare($sql); 
$uname = "carn"; 
$pass = "pass"; 
$stmt->bind_param('ss', $uname, $pass); 
$stmt->execute(); 

錯誤，請檢查文檔

$conn = new mysqli('127.0.0.1', 'root', 'pass'); 
$sql = "CREATE USER ?@'localhost' IDENTIFIED BY ?"; 
$stmt = $conn->prepare($sql); 
$uname = "carn"; 
$pass = "pass"; 
$stmt->bind_param('ss', $uname, $pass); 
$stmt->execute(); 

錯誤語法，檢查文件

$conn = new mysqli('127.0.0.1', 'root', 'pass'); 
$sql = "CREATE USER `?`@'localhost' IDENTIFIED BY `?`"; 
$stmt = $conn->prepare($sql); 
$uname = "carn"; 
$pass = "pass"; 
$stmt->bind_param('ss', $uname, $pass); 
$stmt->execute(); 

我不知道在哪裏可以從這裏走。這可能是我使用引號的一個問題，我在這裏看到兩個相關的問題，但沒有一個回答正確。

Answer 1

使用預處理語句，您只能使用有限的查詢子集。創建用戶不包括在內。

您可以嘗試INSERT到mysql.user表，像

INSERT INTO `mysql`.`user` (Host,User,Password)VALUES(?,?,password(?)); 

此外，隨着創建的用戶動態，你正在做的事情錯

Answer 2

不要把周圍的?，bind_param單引號（）將搞定此事。

但是，還有另一個問題是您不能在MySQL中使用CREATE USER語句的佔位符。請參閱How to write "create user ?" with MySQL prepared statement。