Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/67.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
PHP和MySql-如何使这个插入查询工作?_Php_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • PHP和MySql-如何使这个插入查询工作?

PHP和MySql-如何使这个插入查询工作?

php mysql

PHP和MySql-如何使这个插入查询工作?,php,mysql,Php,Mysql,这是我的代码: public function cadastrar(Family $family){ var_dump($family); //just to verify $objDb = new db_con(); $conn = $objDb->getConn(); //REGISTER FAMILY INTO DATABASE $sql = "insert into family(family_

这是我的代码:

public function cadastrar(Family $family){

        var_dump($family); //just to verify


        $objDb = new db_con();
        $conn = $objDb->getConn();

        //REGISTER FAMILY INTO DATABASE
        $sql = "insert into family(family_declaracao_renda,
                                    familia_renda_mensal,
                                    family_assinatura_local,
                                    family_assinatura_dia,
                                    family_assinatura_mes,
                                    family_assinatura_ano,
                                    family_deficiente_presente,
                                    family_adaptacao_necessaria_imovel)
                            values( '$family->getDeclaracaoRendaFamiliar()',
                                    '$family->getRendaBrutaMensal()',
                                    '$family->getAssinaturaLocal()',
                                    '$family->getAssinaturaDia()',
                                    '$family->getAssinaturaMes()',
                                    '$family->getAssinaturaAno()',
                                    '$family->getDeficientePresente()',
                                    '$family->getAdaptacaoImovelNecessaria()')";

        //Executar query
        if (mysqli_query($conn, $sql)){
            echo 'SUCCESS!';
        } else {
            echo 'ERROR!';
        }

    }
所以我知道你可以把变量放在'variable1','variable2'之间。我正在从此对象调用类方法,我缺少什么?

准备查询,这是保护数据库免受SQLInjection类型攻击的最佳方法。它还处理许多引用问题和其他事情

$sql = 'INSERT INTO family(
    family_declaracao_renda,
    familia_renda_mensal,
    family_assinatura_local,
    family_assinatura_dia,
    family_assinatura_mes,
    family_assinatura_ano,
    family_deficiente_presente,
    family_adaptacao_necessaria_imovel
)VALUES(
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)';
$stmt = mysqli_stmt_init($link);
mysqli_stmt_prepare($stmt, $sql);
mysqli_stmt_bind_param(
    $stmt,
    'ssssssss', //must be the same as number of argments, types s=string, i=int, d=double/float, b=blob 
    $family->getDeclaracaoRendaFamiliar(),
    $family->getRendaBrutaMensal(),
    $family->getAssinaturaLocal(),
    $family->getAssinaturaDia(),
    $family->getAssinaturaMes(),
    $family->getAssinaturaAno(),
    $family->getDeficientePresente(),
    $family->getAdaptacaoImovelNecessaria()
);

//Executar query
if (mysqli_stmt_execute($stmt)){
    echo 'SUCCESS!';
} else {
    echo 'ERROR!';
}
这并不难,即使MySqli过程接口是垃圾。考虑使用面向对象的接口,或者切换到PDO我的首选。MySqli的OOP接口稍微简单一点,但我不会仅仅为了篇幅的缘故而讨论它。您可以在PHP.net上查找它,或者我确信那里有一些教程

一句警告的话,我已经好几年没有使用MySqli了,可能是6-8,程序风格甚至更长。所以我不能保证它会像我这里的一样工作。事实上,我认为我从来没有使用过MySqli的程序风格。当我离开mysql时,我可以做准备好的语句是在PHP5.3 2010ish的中期运行,大概是在我完成web设计学院一年后,我开始在代码中使用OOP类和对象。所以我刚才从PHP.net复制的大部分mysqli代码

在PDO中:

$sql = 'INSERT INTO family(
    family_declaracao_renda,
    familia_renda_mensal,
    family_assinatura_local,
    family_assinatura_dia,
    family_assinatura_mes,
    family_assinatura_ano,
    family_deficiente_presente,
    family_adaptacao_necessaria_imovel
)VALUES(
    :family_declaracao_renda,
    :familia_renda_mensal,
    :family_assinatura_local,
    :family_assinatura_dia,
    :family_assinatura_mes,
    :family_assinatura_ano,
    :family_deficiente_presente,
    :family_adaptacao_necessaria_imovel
)';
try{
    $stmt = mysqli_stmt_init($link);
    $Pdo->prepare($sql)->execute([
        ':family_declaracao_renda'          => $family->getDeclaracaoRendaFamiliar(),
       ':familia_renda_mensal'              => $family->getRendaBrutaMensal(),
       ':family_assinatura_local'           => $family->getAssinaturaLocal(),
       ':family_assinatura_dia'             => $family->getAssinaturaDia(),
       ':family_assinatura_mes'             => $family->getAssinaturaMes(),
       ':family_assinatura_ano'             => $family->getAssinaturaAno(),
       ':family_deficiente_presente'        => $family->getDeficientePresente(),
       ':family_adaptacao_necessaria_imovel'=> $family->getAdaptacaoImovelNecessaria(),
    ]);
}catch(PDOException $e){
    echo "PDOException[{$e->getCode()}] {$e->getMessage()} in {$e->getFile()} on {$e->getLine()}";
}
在PDO中,您可以使用命名的占位符:name而不是?当MySqli使用时,您仍然可以使用?在PDO中。我通常做的是复制字段名,并将:添加到它们的前面。命名占位符可以轻松跟踪值的去向,执行中使用的数据数组的顺序甚至无关紧要。正如您所看到的,mysqli版本大约需要4次调用,PDO版本只需要2次,并且使用方法链接$PDO->prepare$sql->execute。。。您甚至不需要将它放在另一行或设置局部变量。这相当于:

 //$Pdo->prepare($sql)->execute(...)
 $stmt = $Pdo->prepare($sql); //returns PDOStatement
 $stmt->execute(...); //makes a call on PDOStatement
因为$Pdo->prepare$sql在不需要该对象的情况下返回一个Pdo语句,所以我们可以调用->execute。。。链中上一个方法的返回值。我觉得我应该解释一下,因为你可能不习惯使用对象。但是,链接使代码保持整洁,没有多余的变量,这使得跟踪事情变得更容易,因为要跟踪的事情更少

简言之,在MySqli和PDO中都很容易做到这一点,但是PDO非常值得学习如何使用,因为它有许多优点。更好的接口、更好的获取方法、命名占位符、异常等

干杯

您不能在字符串“$family->GetDeclaracoRendaFamiliar”中调用函数,请使用点来连接或使用变量。请使用准备好的语句。您也可以使用{}这样的值“{$family->GetDeclaracoRendaFamiliar'}”@MadhawaPriyashantha-在错误的位置使用撇号“}应该是}”,这是我在插入方法调用时首选的语法。那时比较短。。对于其他人所说的OP,请准备好您的查询。@ArtisticPhoenix是的,我的错误,谢谢。请重新检查,OP的字段/值数是否正确=>8/8@JaswinderSingh-是的,你说得对,不知道我怎么错过了那一次,哈哈,我想我累了。无论如何,我修正了答案。我还搬了一些东西,清理了一些东西,雅达雅达。。。谢谢 
$sql = 'INSERT INTO family(
    family_declaracao_renda,
    familia_renda_mensal,
    family_assinatura_local,
    family_assinatura_dia,
    family_assinatura_mes,
    family_assinatura_ano,
    family_deficiente_presente,
    family_adaptacao_necessaria_imovel
)VALUES(
    :family_declaracao_renda,
    :familia_renda_mensal,
    :family_assinatura_local,
    :family_assinatura_dia,
    :family_assinatura_mes,
    :family_assinatura_ano,
    :family_deficiente_presente,
    :family_adaptacao_necessaria_imovel
)';
try{
    $stmt = mysqli_stmt_init($link);
    $Pdo->prepare($sql)->execute([
        ':family_declaracao_renda'          => $family->getDeclaracaoRendaFamiliar(),
       ':familia_renda_mensal'              => $family->getRendaBrutaMensal(),
       ':family_assinatura_local'           => $family->getAssinaturaLocal(),
       ':family_assinatura_dia'             => $family->getAssinaturaDia(),
       ':family_assinatura_mes'             => $family->getAssinaturaMes(),
       ':family_assinatura_ano'             => $family->getAssinaturaAno(),
       ':family_deficiente_presente'        => $family->getDeficientePresente(),
       ':family_adaptacao_necessaria_imovel'=> $family->getAdaptacaoImovelNecessaria(),
    ]);
}catch(PDOException $e){
    echo "PDOException[{$e->getCode()}] {$e->getMessage()} in {$e->getFile()} on {$e->getLine()}";
}