2015-09-23 21 views
-2

I want to convert a small file from mysql to mysqli. This is what I have so far, but it doesn't work. Can someone check it and see what's wrong? I need help finishing the conversion from mysql to mysqli.

$mysqli = new mysqli("localhost", "some_name", "password", "some_db");

if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}

session_start();
if(isset($_SESSION['userid'])){
    $user = mysqli_real_escape_string($mysqli, $_SESSION['userid']);

    // Retrieves variables through AJAX

    $favid = mysqli_real_escape_string($mysqli, $_GET['favid']);

    // Check if it is favored

    $query = $mysqli->prepare("SELECT * FROM favorites WHERE user='$user'");
    $query->execute();
    $query->store_result();
    $userows = $query->num_rows;

    $query = $mysqli->prepare("SELECT * FROM favorites WHERE user='$user' AND favid='$favid'");
    $query->execute();
    $query->store_result();
    $matches = $query->num_rows;

    // If it is favored, add

    if($matches == 0 && $userows < 30){
        $mysqli->prepare("INSERT INTO favorites (user, favid, exptime) VALUES ('$user', '$favid', CURRENT_TIMESTAMP)");

        echo "";
    }

    // If it is favored, delete

    if($matches != 0){
        $mysqli->prepare("DELETE FROM favorites WHERE user='$user' AND favid='$favid'");

        echo "";
    }

} else {

    echo "Invalid session!";

}

The original (mysql) code works fine. It's just that I don't have enough experience with mysqli.

+0

Your code may contain syntax errors. Please consult the following links http://php.net/manual/en/mysqli.error.php and http://php.net/manual/en/function.error-reporting.php and apply them to your code. –

+0

You are switching between procedural PHP and object-oriented PHP (which you shouldn't) ('mysqli_real_escape_string') – HPierce

+0

[Your script is at risk of SQL injection attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) –

Answers

0

Take a peek at the docs:

$stmt = $mysqli->prepare("INSERT INTO favorites (user, favid, exptime) VALUES (?, ?, CURRENT_TIMESTAMP)");
$stmt->bind_param('ss', $user, $favid);   // the method is bind_param (singular): 'ss' = two string parameters
$stmt->execute();

The same applies to the DELETE statement. You are trying to use prepared statements (which is good!). So you should use them the way they are meant to be used, and bind the params to placeholders instead of inserting them directly into the query string.

+0

So would the delete be something like this? '$stmt = $mysqli->prepare("DELETE FROM ajaxfavourites WHERE user='$user' AND favid='$favid'"); $stmt->bind_params($user, $favid); $stmt->execute();' – VitalSigns

+1

@VitalSigns - not quite. See the two '?' in the SQL statement? Those are placeholders, which are then filled in by 'bind_param'. Your DELETE SQL should be along the lines of 'DELETE FROM ajaxfavourites WHERE user = ? AND favid = ?' – andrewsi
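To tie the answer and andrewsi's DELETE comment together, here is the asker's whole script rewritten with placeholders and bind_param for every statement, as an added example rather than code from the question or the answers. It keeps the question's table and column names (favorites: user, favid, exptime) and placeholder credentials, switches the row counts to COUNT(*), and calls execute() on the INSERT and DELETE, which prepare() alone never runs.

```php
<?php
// Added example: favourite-toggle script using mysqli prepared statements.
// Table/column names come from the question; credentials are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on any mysqli error

$mysqli = new mysqli("localhost", "some_name", "password", "some_db");

session_start();
if (!isset($_SESSION['userid'])) {
    echo "Invalid session!";
    exit();
}
$user  = $_SESSION['userid'];
$favid = isset($_GET['favid']) ? $_GET['favid'] : '';   // arrives via AJAX; never interpolated

// How many favourites does this user already have? COUNT(*) avoids fetching rows just to count them.
$stmt = $mysqli->prepare("SELECT COUNT(*) FROM favorites WHERE user = ?");
$stmt->bind_param('s', $user);          // 's' = one string parameter fills the single '?'
$stmt->execute();
$stmt->bind_result($userows);
$stmt->fetch();
$stmt->close();

// Is this particular favid already favoured by this user?
$stmt = $mysqli->prepare("SELECT COUNT(*) FROM favorites WHERE user = ? AND favid = ?");
$stmt->bind_param('ss', $user, $favid); // 'ss' = two strings, bound in placeholder order
$stmt->execute();
$stmt->bind_result($matches);
$stmt->fetch();
$stmt->close();

if ($matches == 0 && $userows < 30) {
    // Not yet favoured and under the 30-per-user limit: add it.
    $stmt = $mysqli->prepare(
        "INSERT INTO favorites (user, favid, exptime) VALUES (?, ?, CURRENT_TIMESTAMP)");
    $stmt->bind_param('ss', $user, $favid);
    $stmt->execute();                    // prepare() only compiles; execute() runs it
    $stmt->close();
} elseif ($matches != 0) {
    // Already favoured: remove it, again with bound parameters rather than string interpolation.
    $stmt = $mysqli->prepare("DELETE FROM favorites WHERE user = ? AND favid = ?");
    $stmt->bind_param('ss', $user, $favid);
    $stmt->execute();
    $stmt->close();
}
```

Because the values travel as bound parameters, mysqli_real_escape_string is no longer needed anywhere in the script, and the mixed procedural/OO style HPierce pointed out disappears with it.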