Php 在下面的示例中,将mysql转换为mysqli
我有一个在应用程序中正常工作的旧mysql代码:Php 在下面的示例中,将mysql转换为mysqli,php,mysql,mysqli,Php,Mysql,Mysqli,我有一个在应用程序中正常工作的旧mysql代码: $query = " SELECT * FROM Tutor t WHERE (t.Tutorusername = '".mysql_real_escape_string($tutorusername)."') AND (t.Tutorpassword = '".mysql_real_escape_string($tutorpassword)."') "; $num = mysql_num_rows($result = mysql_
$query = "
SELECT * FROM Tutor t
WHERE
(t.Tutorusername = '".mysql_real_escape_string($tutorusername)."')
AND
(t.Tutorpassword = '".mysql_real_escape_string($tutorpassword)."')
";
$num = mysql_num_rows($result = mysql_query($query));
while($row = mysql_fetch_array($result))
{
...
}
但我现在想从Mysql改为使用mysqli。我的问题是,下面的mysqli代码是否完全正确,是否与上面的mysql代码相同
$query = $mysqli->prepare("
SELECT * FROM Tutor t
WHERE
(t.Tutorusername = '".mysqli_real_escape_string($tutorusername)."')
AND
(t.Tutorpassword = '".mysqli_real_escape_string($tutorpassword)."')
");
$query->bind_result($Tutor);
$num = $query->num_rows($result = $query->execute());
while($row = $result->fetch())
{
...
}
无需在此处使用
preapre()
,因为您正在连接sql字符串
$sql="SELECT * FROM Tutor t
WHERE
t.Tutorusername='".mysqli_real_escape_string($tutorusername)."'
AND
t.Tutorpassword = '".mysqli_real_escape_string($tutorpassword)."'");
$result=$mysqli->query($sql);
if($result)
{
$row=$result->fetch_row();
if($row)
print_r($row);
}
对于prepare()方法,必须指定参数:
$sql="SELECT * FROM Tutor t
WHERE t.Tutorusername=? AND t.Tutorpassword=?";
$stmt=$mysqli->prepare($sql);
$stmt->bind_param("s",$tutorusername);
$stmt->bind_param("s",$tutorpassword);
$stmt->execute();
//I presume that the table "T" has three columns
$stmt->bind_result($col1,$col2,$col2);
while($stmt->fetch())
{
echo "<br/>", $col1,$col2,$col3;
}
$sql=“从t中选择*
其中t.Tutorusername=?和t.Tutorpassword=?”;
$stmt=$mysqli->prepare($sql);
$stmt->bind_参数(“s”,$tutorusername);
$stmt->bind_参数($s',$tutorpassword);
$stmt->execute();
//我假定表“T”有三列
$stmt->bind_result($col1、$col2、$col2);
而($stmt->fetch())
{
echo“
,$col1,$col2,$col3;
}
PS:阅读MySQLIAPI的PHP手册。跳过mysqli,直接转到PDO。