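What does a PHP SELECT prepared statement look like?

Time: 2014-05-31 08:20:25

Tags: php mysql mysqli

Okay.. so I've been searching online for a few hours now, trying to figure out how to convert my old mysql

This is my PHP code atm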

$sql2="SELECT * FROM $tbl_name_question2 WHERE question_id='$question_id_comments' ORDER BY a_id ASC";
$result2=mysql_query($sql2);
// Comment Loop Starts
while($rows=mysql_fetch_array($result2)){
?>
<div class="row comment-body">
    <div class="col-md-3">
        <p><? echo $rows['a_name']; ?></p>
        <span><? echo $rows['a_datetime']; ?></span>
    </div>
    <div class="col-md-9">
        <p><? echo $rows['a_answer']; ?></p>
    </div>
</div>
<?php } // Comment Loop Ends ?>

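I have my database connection info set up correctly, because I wrote a MySQLi prepared statement for inserting that works, but I can't figure this one out.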

$datetime=date("m/d/y h:i"); // Format Date And Time

// Connect
$mysqli = new mysqli('private', 'private', 'private', 'private');

// Check Connection
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

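If anyone could point me in the right direction or show me how to convert it, that would be much appreciated!

Thanks in advance!

2 Answers:

Answer 0: (score: 2)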

// Prepare the statement, using ? in place of parameters
// Note that you can only use parameters where expressions are allowed, so the
// tablename must still be done by substituting a variable
$stmt = $mysqli->prepare("SELECT a_name, a_datetime, a_answer FROM $tbl_name_question2
                          WHERE question_id = ?
                          ORDER BY a_id ASC");
// Bind the parameters to the corresponding variables
$stmt->bind_param("s", $question_id_comments);
$stmt->execute();
// Bind variables to receive the results
$stmt->bind_result($name, $datetime, $answer);
// Fetch the rows, and use the above variables to output the results
while ($stmt->fetch()) {
    ?>
    <div class="row comment-body">
        <div class="col-md-3">
            <p><?php echo $name; ?></p>
            <span><?php echo $datetime; ?></span>
        </div>
        <div class="col-md-9">
            <p><?php echo $answer; ?></p>
        </div>
    </div>
    <?php } ?>
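
Answer 0's comment notes that the table name cannot be a bound parameter. As an added example (not code from either answer), one way to handle that is to check the table name against a fixed allowlist before interpolating it, and to HTML-encode each column on output; the table names in `ALLOWED_COMMENT_TABLES` and the helper names are hypothetical.

```php
<?php
// Added example; table names below are hypothetical placeholders.
const ALLOWED_COMMENT_TABLES = ['forum_answer', 'forum_answer_archive'];

// Run the SELECT with the table name checked against an allowlist
// (identifiers cannot be bound with "?") and the value bound as a parameter.
function fetch_comments(mysqli $db, string $table, string $questionId): array
{
    if (!in_array($table, ALLOWED_COMMENT_TABLES, true)) {
        throw new InvalidArgumentException('Unknown comment table');
    }
    $stmt = $db->prepare(
        "SELECT a_name, a_datetime, a_answer FROM `$table`
         WHERE question_id = ? ORDER BY a_id ASC"
    );
    if ($stmt === false) {
        throw new RuntimeException('Prepare failed: ' . $db->error);
    }
    $stmt->bind_param('s', $questionId);
    $stmt->execute();
    $stmt->bind_result($name, $datetime, $answer);
    $rows = [];
    while ($stmt->fetch()) {
        // Copy by value: the bound variables are overwritten on each fetch.
        $rows[] = ['a_name' => $name, 'a_datetime' => $datetime, 'a_answer' => $answer];
    }
    $stmt->close();
    return $rows;
}

// HTML-encode a database value before it is written into the page.
function e($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}
// Build the same markup as the page, with every column encoded.
function render_comments(array $rows): string
{
    $html = '';
    foreach ($rows as $r) {
        $html .= '<div class="row comment-body"><div class="col-md-3"><p>' . e($r['a_name'])
            . '</p><span>' . e($r['a_datetime']) . '</span></div><div class="col-md-9"><p>'
            . e($r['a_answer']) . '</p></div></div>' . "\n";
    }
    return $html;
}

// With the $mysqli connection from the question:
// echo render_comments(fetch_comments($mysqli, $tbl_name_question2, $question_id_comments));
```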

Answer 1: (score: 0)

Please check whether you can use the mysqli code here

    <?php
    $mysqli = @new mysqli('private', 'private', 'private', 'private');

    if ($mysqli->connect_error) {
        printf("Connect failed: %s\n", $mysqli->connect_error);
        exit();
    }

    /* create a prepared statement */
    if ($stmt = $mysqli->prepare("SELECT * FROM $tbl_name_question2 WHERE question_id=? ORDER BY a_id ASC")) {

        $stmt->bind_param('i', $question_id_comments);

        /* execute query */
        $stmt->execute();

        /* Get the result; get_result() returns false if store_result() was called first */
        $result = $stmt->get_result();

        /* Get the number of rows */
        $num_of_rows = $result->num_rows;

        while ($row = $result->fetch_assoc()) {
    ?>

    <div class="row comment-body">
        <div class="col-md-3">
            <p><?php echo $row['a_name']; ?></p>
            <span><?php echo $row['a_datetime']; ?></span>
        </div>
        <div class="col-md-9">
            <p><?php echo $row['a_answer']; ?></p>
        </div>
    </div>
    <?php
        }

        /* close statement */
        $stmt->close();
    }

    /* close connection */
    $mysqli->close();
    ?>