这是正确的方法吗?

时间:2020-09-13 06:19:09

标签: php mysqli prepared-statement

当您必须运行select关键内部值(通常是values(?)

)时,这是正确准备好的语句的正确方法

   function permission_table($conn, $username) {
    if($stmt = $conn->prepare("INSERT INTO perm (user_id) VALUES(SELECT id FROM users WHERE username = ?)")) {
            $stmt->bind_param("s", $username);
            $stmt->execute();
}
}

1 个答案:

答案 0 :(得分:0)

我将在此处直接使用INSERT INTO ... SELECT,而无需使用VALUES子句:

INSERT INTO perm (user_id)
SELECT id FROM users WHERE username = ?;

您更新的PHP代码:

$sql = "INSERT INTO perm (user_id) SELECT id FROM users WHERE username = ?";
if ($stmt = $conn->prepare(sql)) {
    $stmt->bind_param("s", $username);
    $stmt->execute();
}
相关问题
最新问题