问题:
准备部分准备好的语句失败-直接在另一个准备好的语句下
司英彦
我有以下准备的一个准备好的声明失败了...
$stmt2 = $con->prepare("SELECT * FROM forum_posts WHERE `category_id`=? AND `topic_id`=?");
//var_dump($stmt2);
if ( !$stmt2 || !empty($con->error)) {
die('Select forum posts prepare() failed: ' . htmlspecialchars($con->error));
}
我在我的第一份准备好的声明中几乎有同样的准备,而且它进行得很好。我不确定是否我有两个准备好的声明,如果这是造成一个问题,或情况可能是什么?
现在我有个错误...
$con = mysqli_connect("localhost", "root", "", "db");
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$userid = ( isset( $_SESSION['user'] ) ? $_SESSION['user'] : "" );
//Prepared SELECT stmt to get forum topics
$stmt = $con->prepare("SELECT * FROM forum_topics WHERE `category_id`=? AND id=? LIMIT 1");
if (!$stmt || $con->error ) {
die('Select topics prepare() failed: ' . htmlspecialchars($con->error));
}
if(!$stmt->bind_param('ii', $cid, $tid)) {
die('Select topics bind_param() failed: ' . htmlspecialchars($stmt->error));
}
if(!$stmt->execute()) {
die('Select topics execute() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->store_result();
$numrows = $stmt->num_rows;
if($numrows == 1){
echo "<table width='100%'>";
if ( $_SESSION['user'] ) {
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onClick=\"window.location =
'forum_post_reply.php?cid=".$cid."$tid=".$tid."'\"> <hr />";
} else {
echo "<tr><td colspan='2'><p>Please log in to add your reply</p><hr /></td></tr>";
}
foreach($stmt as $row) {
//Prepared SELECT stmt to get forum posts
$stmt2 = $con->prepare("SELECT * FROM forum_posts WHERE `category_id`=? AND `topic_id`=?");
//var_dump($stmt2);
if ( !$stmt2 || !empty($con->error)) {
die('Select forum posts prepare() failed: ' . htmlspecialchars($con->error));
}
//var_dump($con->error);
if(!$stmt2->bind_param('ii', $cid, $tid)) {
die('Select forum posts bind_param() failed: ' . htmlspecialchars($stmt2->error));
}
if(!$stmt2->execute()) {
die('Select forum posts execute() failed: ' . htmlspecialchars($stmt2->error));
}
//while($row2 = mysqli_fetch_assoc($stmt2)){
foreach($stmt2 as $row2) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'>
<div style='min-height: 125px;'>".$row['topic_title']."<br />
by ".$row2['post_creator']." - " .$row2['post_date']. "<hr />" . $row2['post_content'] ."</div></td>
<td width='200' valign='top' align='center' style='border: 1px solid #000000;'>User Info Here!</td></tr>
<tr><td colspan='2'><hr /></td></tr>";
}
}
} else {
echo "<p>This topic does not exist.</p>";
}
更新-可能的内部连接,像这样?
//Prepared SELECT stmt to get forum topics
$stmt = $con->prepare("SELECT * FROM forum_topics AS f INNER JOIN forum_posts AS p ON
f.category_id=p.category_id ON f.id=p.topic_id WHERE s.category_id=? AND s.id=? LIMIT 1");
if (!$stmt || $con->error ) {
die('Select topics prepare() failed: ' . htmlspecialchars($con->error));
}
if(!$stmt->bind_param('ii', $cid, $tid)) {
die('Select topics bind_param() failed: ' . htmlspecialchars($stmt->error));
}
if(!$stmt->execute()) {
die('Select topics execute() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->store_result();
$numrows = $stmt->num_rows;
if($numrows == 1){
echo "<table width='100%'>";
if ( $_SESSION['user'] ) {
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onClick=\"window.location =
'forum_post_reply.php?cid=".$cid."$tid=".$tid."'\"> <hr />";
} else {
echo "<tr><td colspan='2'><p>Please log in to add your reply</p><hr /></td></tr>";
}
foreach($stmt as $row) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'>
<div style='min-height: 125px;'>".$row['topic_title']."<br />
by ".$row2['post_creator']." - " .$row2['post_date']. "<hr />" . $row2['post_content'] ."</div></td>
<td width='200' valign='top' align='center' style='border: 1px solid #000000;'>User Info Here!</td></tr>
<tr><td colspan='2'><hr /></td></tr>";
}
}
} else {
echo "<p>This topic does not exist.</p>";
}
}*/
/*$stmt = $con->prepare("SELECT topic_title, post_content FROM forum_topics, forum_posts
WHERE forum_topics.category_id=forum_posts.category_id
AND forum_topics.category_id=?");*/
//$stmt = $con->prepare("SELECT topic_title, topic_creator FROM forum_posts AS f LEFT JOIN forum_topics AS p ON f.category_id=p.category_id WHERE f.category_id=?");
$stmt = $con->prepare("SELECT topic_title, topic_creator FROM forum_posts AS p, forum_topics AS f WHERE f.category_id=? AND p.topic_id=? LIMIT 1");
if (!$stmt || $con->error ) {
die('Select forum prepare() failed: ' . htmlspecialchars($con->error));
}
if(!$stmt->bind_param('ii', $cid, $tid)) {
die('Select forum bind_param() failed: ' . htmlspecialchars($stmt->error));
}
if(!$stmt->execute()) {
die('Select forum execute() failed: ' . htmlspecialchars($stmt->error));
}
mysqli_stmt_bind_result($stmt, $post_content, $topic_title);
$stmt->store_result();
echo $stmt->store_result();
$numrows = $stmt->num_rows;
if($stmt->num_rows > 0){
echo "<table width='100%'>";
if ( $_SESSION['user'] ) {
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onClick=\"window.location =
'forum_post_reply.php?cid=".$cid."$tid=".$tid."'\"> <hr />";
} else {
echo "<tr><td colspan='2'><p>Please log in to add your reply</p><hr /></td></tr>";
}
while (mysqli_stmt_fetch($stmt)) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'>
<div style='min-height: 125px;'>".$topic_title."<br />
by " . $post_content ."</div></td>
<td width='200' valign='top' align='center' style='border: 1px solid #000000;'>User Info Here!</td></tr>
<tr><td colspan='2'><hr /></td></tr>";
}
mysqli_stmt_close($stmt);
} else {
echo "<p>This topic does not exist.</p>";
}
?>
</body>
</html>
共有1个答案
寿元白
在与OP聊天5个小时后,最终解决了问题
问题;
- 第二个查询失败
- 未显示第一个查询结果
-
null
//bind the result
mysqli_stmt_bind_result($stmt, $topic_title, $topic_creator, $postDate, $postcontent);
//use while loop instead foreach
while (mysqli_stmt_fetch($stmt))
//Prepared SELECT stmt to get forum topics
$stmt = $con->prepare("SELECT topic_title, topic_creator, post_date, post_content FROM forum_posts AS p, forum_topics AS f WHERE f.category_id=? AND p.topic_id=?");
if (!$stmt || $con->error ) {
die('Select forum prepare() failed: ' . htmlspecialchars($con->error));
}
if(!$stmt->bind_param('ii', $cid, $tid)) {
die('Select forum bind_param() failed: ' . htmlspecialchars($stmt->error));
}
if(!$stmt->execute()) {
die('Select forum execute() failed: ' . htmlspecialchars($stmt->error));
}
mysqli_stmt_bind_result($stmt, $topic_title, $topic_creator, $postDate, $postcontent);
$stmt->store_result();
if($stmt->num_rows > 0){
echo "<table width='100%'>";
if ( $_SESSION['user'] ) {
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onClick=\"window.location =
'forum_post_reply.php?cid=".$cid."$tid=".$tid."'\"> <hr />";
} else {
echo "<tr><td colspan='2'><p>Please log in to add your reply</p><hr /></td></tr>";
}
while (mysqli_stmt_fetch($stmt)) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'>
<div style='min-height: 125px;'>".$topic_title."<br />
by ".$topic_creator." - " .$postDate. "<hr />" . $postcontent ."</div></td>
<td width='200' valign='top' align='center' style='border: 1px solid #000000;'>User Info Here!</td></tr>
<tr><td colspan='2'><hr /></td></tr>";
}
mysqli_stmt_close($stmt);
} else {
echo "<p>This topic does not exist.</p>";
}
类似资料:
-
问题内容: 我刚刚开始做我的第一个项目(很有趣)。我正在学习PHP和MySQL,并且已经完成了我的第一个正常工作的应用程序。它可以工作,但是我现在正在学习如何保护应用程序的安全,从而防止SQL注入。我大约有50多个PHP文件来管理与MySQL数据库的交互。它们看起来都是这样的: 这是我在整个应用程序中用于向数据库读写数据的格式。如果我需要将它们更改为准备好的语句,而不是在其中插入任何信息,而只是在
-
场景:继我之前的问题(在存储过程中使用游标循环行MySQL)之后,我尝试执行一个嵌套的prepare语句,在该语句中,我向外部语句输入一个日期,然后调用内部语句,该语句从表中获取数据。 代码: 问题:这段代码运行时没有错误,但没有给出任何结果。如果我只运行第一个准备好的语句,一个接一个地直接输入变量,就可以了。所以我猜问题在于我的第二句话。 问题:你知道我做错了什么吗? Obs:第二个代码应该循环
-
其思想是创建一个准备好的语句将信息插入到用户表中,然后从生成的内容中获取insert_id以在另一个insert语句中使用 这是我的注册脚本的一个版本 第一条准备好的语句正确运行并向表中插入信息,之后成功回显$RETURNID变量。脚本中的下一个是我准备好的第二条语句,当它试图运行im时,得到的错误是: 致命错误:对第17行d:\filepath\register.php中的非对象调用成员函数bi
-
问题内容: 在将HQL转换为SQL时,Hibernate在JDBC内部使用PreparedStatement。HQL中的内联参数如何处理? 例: 将状态“解析”并用作SQL中的参数,或者将其作为内联参数发送。 我的观点背后的原因是“最佳做法”,以及针对重复调用的查询性能 问题答案: 它被内联发送。当是客户端控制的值时,您绝对不希望这样做。 而是将其参数化: 也可以看看: OWASP-hiberna
-
问题内容: 我使用准备好的语句编写了select语句。每次尝试运行时都会出现此错误。我如何克服这个错误?我的jdbc连接器是mysql-connector- java-5.1.13-bin.jar。我的代码: 错误代码.. 2013年10月1日,下午1:23:23 sanin.lands.model.View_ads_cls getAdDetail 问题答案: 错误在这一行 这样做