我一直在学习如何使用准备和绑定语句来进行sql查询,到目前为止我已经发现了这个问题,它工作正常,但是当涉及到多个参数或者没有参数需要时,它根本不是动态的,如何在PHP中动态绑定mysqli bind_param参数?
public function get_result($sql,$parameter)
{
# create a prepared statement
$stmt = $this->mysqli->prepare($sql);
# bind parameters for markers
# but this is not dynamic enough...
$stmt->bind_param("s", $parameter);
# execute query
$stmt->execute();
# these lines of code below return one dimentional array, similar to mysqli::fetch_assoc()
$meta = $stmt->result_metadata();
while ($field = $meta->fetch_field()) {
$var = $field->name;
$$var = null;
$parameters[$field->name] = &$$var;
}
call_user_func_array(array($stmt, 'bind_result'), $parameters);
while($stmt->fetch())
{
return $parameters;
//print_r($parameters);
}
# close statement
$stmt->close();
}
这是我如何调用该对象类,
$mysqli = new database(DB_HOST,DB_USER,DB_PASS,DB_NAME);
$output = new search($mysqli);
有时候,我不需要任何参数来传递,
$sql = "
SELECT *
FROM root_contacts_cfm
";
print_r($output->get_result($sql));
有时候,我只需要一个参数,
$sql = "
SELECT *
FROM root_contacts_cfm
WHERE root_contacts_cfm.cnt_id = ?
ORDER BY cnt_id DESC
";
print_r($output->get_result($sql,'1'));
有时候,我只需要一个以上的参数,
$sql = "
SELECT *
FROM root_contacts_cfm
WHERE root_contacts_cfm.cnt_id = ?
AND root_contacts_cfm.cnt_firstname = ?
ORDER BY cnt_id DESC
";
print_r($output->get_result($sql,'1','Tk'));
所以,我认为,这条线是不是上面的动态任务,
足够的动态$stmt->bind_param("s", $parameter);
要动态地构建bind_param,我在其他帖子上发现了这个。
call_user_func_array(array(&$stmt, 'bind_params'), $array_of_params);
我试图从php.net修改一些代码,但我越来越行不通,
if (strnatcmp(phpversion(),'5.3') >= 0) //Reference is required for PHP 5.3+
{
$refs = array();
foreach($arr as $key => $value)
$array_of_param[$key] = &$arr[$key];
call_user_func_array(array(&$stmt, 'bind_params'), $array_of_params);
}
为什么?任何想法,我怎么能使它工作?
或者也许有更好的解决方案?
您params数组中的空值将打破您的动态绑定调用FYI – 2014-12-16 21:02:32