我正在尝试在公共函数中使用全局关键字。
这就是我所拥有的,你会看到变量$ memberID,我已将其注释掉,但可以回显出它下方的memberID,但是当它在函数内部使用时,它不会#&# 39;不承认。
我有"全球$ memberID;"内部功能,但没有工作。
<?php
$memberID = $_GET['memberID'];
// echo $memberID;
class DB_Functions {
private $db_conx;
function __construct() {
include_once ('db_conx.php');
$this->db_conx = DBC::connect();
}
function __destruct() {}
/**
* Start SERIES ------------------------------------------------------------
*/
public function getActiveSeries() {
global $memberID;
// $memberID = '1';
$sql = "SELECT * FROM series WHERE isActive = 'y' AND USER_ID = '$memberID'";
$result = mysqli_query($this->db_conx,$sql);
return $result;
}
}
?>
答案 0 :(得分:1)
尝试使用面向对象的编程。
$class = new DB_Functions($_GET['memberID']);//this goes in the construct function.
class DB_Functions {
public $memberID;
public function __construct($memberid = null) {
$this->memberID = (int) $memberid;
}
#access the member ID as $this->memberID
public function getActiveSeries() {
$sql = "SELECT * FROM series WHERE isActive = 'y' AND USER_ID = '$this->memberID'";
$result = mysqli_query($this->db_conx,$sql);
return $result;
}
}
上述方法的优点是,每个实例的成员ID都可用于此类。这意味着您不必将成员ID传递给类中的每个函数。您所要做的就是在实例化类时传递成员ID,然后在类中的任何函数中以$this->memberID访问它
当您使用支持它的api时,请开始使用预准备语句
答案 1 :(得分:0)
$_GET['memberID']已经是全局版,您可以直接在您的方法中访问它。
public function getActiveSeries() {
$memberId = filter_var($_GET['memberId'],FILTER_SANITIZE_STRING );
$mysqli = new mysqli("example.com", "user", "password", "database");
$stmt = $mysqli->prepare("SELECT * FROM series WHERE isActive = 'y' AND USER_ID = ?");
$stmt->bind_param("i", $memberId);
$result = $stmt->execute();
return $result;
}