我想使用mysqli的预处理SQL进行所有SQL的运行,目前卡在了查询上SQL语句示例如下:select * from message where user_id=?对于查询结果想自动封装成一个数组$rows该数组为2维数组能够做到以下效果echo $rows[0]["title"]; //显示第一条记录的标题
echo $rows[1]["cons"]; //显示第二条记录的内容等等需要对所有表都通用,也就是说,任何查询的SQL都可以调用该方法进行查询,并将结果封装在数组$rows内
echo $rows[1]["cons"]; //显示第二条记录的内容等等需要对所有表都通用,也就是说,任何查询的SQL都可以调用该方法进行查询,并将结果封装在数组$rows内
....//前面的查询过程忽略,直到得到结果集$rt;
$return = array();
while($row = mysql_fetch_assoc($rt)) {
$return[] = $row;
}
mysql_free_result($rt);
return $return;
}
其实使用的就是mysqli的prepare方式来执行数据库操作,比较简单的,参考:
mysqli::prepare
mysqli_prepare
(PHP 5)mysqli::prepare -- mysqli_prepare — Prepare an SQL statement for execution说明
面向对象风格mysqli_stmt mysqli::prepare ( string $query )
过程化风格mysqli_stmt mysqli_prepare ( mysqli $link , string $query )
Prepares the SQL query, and returns a statement handle to be used for further operations on the statement. The query must consist of a single SQL statement. The parameter ers must be bound to application variables using mysqli_stmt_bind_param() and/or mysqli_stmt_bind_result() before executing the statement or fetching rows. 参数link
仅以过程化样式:由 mysqli_connect() 或 mysqli_init() 返回的链接标识。query
The query, as a string. Note: You should not add a terminating semicolon or \g to the statement.
This parameter can include one or more parameter ers in the SQL statement by embedding question (?) characters at the appropriate positions. Note: The ers are legal only in certain places in SQL statements. For example, they are allowed in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not allowed for identifiers (such as table or column names), in the select list that names the columns to be returned by a SELECT statement, or to specify both operands of a binary operator such as the = equal sign. The latter restriction is necessary because it would be impossible to determine the parameter type. It's not allowed to compare er with NULL by ? IS NULL too. In general, parameters are legal only in Data Manipulation Language (DML) statements, and not in Data Definition Language (DDL) statements. 返回值
mysqli_prepare() returns a statement object or FALSE if an error occurred. 范例
Example #1 mysqli::prepare() example面向对象风格<?php
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}$city = "Amersfoort";/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) { /* bind parameters for ers */
$stmt->bind_param("s", $city); /* execute query */
$stmt->execute(); /* bind result variables */
$stmt->bind_result($district); /* fetch value */
$stmt->fetch(); printf("%s is in district %s\n", $city, $district); /* close statement */
$stmt->close();
}/* close connection */
$mysqli->close();
?>
过程化风格<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}$city = "Amersfoort";/* create a prepared statement */
if ($stmt = mysqli_prepare($link, "SELECT District FROM City WHERE Name=?")) { /* bind parameters for ers */
mysqli_stmt_bind_param($stmt, "s", $city); /* execute query */
mysqli_stmt_execute($stmt); /* bind result variables */
mysqli_stmt_bind_result($stmt, $district); /* fetch value */
mysqli_stmt_fetch($stmt); printf("%s is in district %s\n", $city, $district); /* close statement */
mysqli_stmt_close($stmt);
}/* close connection */
mysqli_close($link);
?>
以上例程会输出:Amersfoort is in district Utrecht
PS: 一看就明白了
真的不是那么简单的。PHP帮助手册翻了好几天了首先手册上使用的方法是绑定参数有10个字段就要绑定给10个变量我可以知道有多少个字段但是我无法动态的在程序里生成这么多的变量同时,由于我需要的这个方法是针对多个表公用的也就不可能指定共计有多少个字段了退一步来说就算传递入表名用IF去读取固定的字段数量,那么当遇到数据库表内字段变更的时候也将会很麻烦,一旦出现问题,会造成比较大的麻烦
理论上没有问题。但是你这里使用的是mysql而不是mysqli我需要知道的是mysqli内如何写mysql何必这么麻烦,直接就有方法进行封装了