Php 如何通过函数参数传递SQL字符串

我想创建一个以SQL字符串为参数并返回数组的函数 我写这个函数：

function getgquery($I_sql){
    $mysqli = new mysqli("localhost","root","","ACLUB");
    $sql = $I_sql;
    $result = $mysqli->query($sql);
    $Data = array();
    if(mysqli_num_rows($result)>0){
        while($row = mysqli_fetch_assoc($result)){
            $Data [] = $row;
        }
    }
    return $Data;
}

       print_r(getgquery('SELECT * FROM `poeple`'));   

然后调用函数：

function getgquery($I_sql){
    $mysqli = new mysqli("localhost","root","","ACLUB");
    $sql = $I_sql;
    $result = $mysqli->query($sql);
    $Data = array();
    if(mysqli_num_rows($result)>0){
        while($row = mysqli_fetch_assoc($result)){
            $Data [] = $row;
        }
    }
    return $Data;
}

       print_r(getgquery('SELECT * FROM `poeple`'));   

但我得到了这个错误：

警告：mysqli_num_rows（）要求参数1为mysqli_结果， bool在第9行的N:\xampp\htdocs\test\functions.php中给出

这是个好主意

您之所以会收到错误，是因为您没有启用错误报告，并且没有看到您在SQL中输入的错误

正确的函数应如下所示：

// Enable mysqli error reporting and open connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'username', 'password', 'db_test');
$mysqli->set_charset('utf8mb4'); // always set the charset

function getgquery(mysqli $mysqli, string $I_sql, array $params = []): ?array {
    $stmt = $mysqli->prepare($I_sql);
    if ($params) {
        $stmt->bind_param(str_repeat("s", count($params)), ...$params);
    }
    $stmt->execute();
    if ($result = $stmt->get_result()) {
        return $result->fetch_all(MYSQLI_BOTH);
    }
}

// with the typo fixed:
print_r(getgquery($mysqli, 'SELECT * FROM `people`')); 

class DBClass extends mysqli {
    public function __construct(
        $host = null,
        $username = null,
        $passwd = null,
        $dbname = null,
        $port = null,
        $socket = null
    ) {
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        parent::__construct($host, $username, $passwd, $dbname, $port, $socket);
        $this->set_charset('utf8mb4');
    }

    public function safeQuery(string $sql, array $params = []): ?array {
        $stmt = $this->prepare($sql);
        if ($params) {
            $stmt->bind_param(str_repeat("s", count($params)), ...$params);
        }
        $stmt->execute();
        if ($result = $stmt->get_result()) {
            return $result->fetch_all(MYSQLI_BOTH);
        }
        return null;
    }
}

$mysqli = new DBClass('localhost', 'username', 'password', 'db_test');
$result = $mysqli->safeQuery('SELECT * FROM people WHERE id=?', [$myId]);

您需要在函数外部连接一次，并将连接作为参数传递

你需要使用事先准备好的语句

摆脱这个无用的循环和

num\u行

如果您认为每次都将连接传递到此函数太多，可以创建mysqli的子类，例如：

// Enable mysqli error reporting and open connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'username', 'password', 'db_test');
$mysqli->set_charset('utf8mb4'); // always set the charset

function getgquery(mysqli $mysqli, string $I_sql, array $params = []): ?array {
    $stmt = $mysqli->prepare($I_sql);
    if ($params) {
        $stmt->bind_param(str_repeat("s", count($params)), ...$params);
    }
    $stmt->execute();
    if ($result = $stmt->get_result()) {
        return $result->fetch_all(MYSQLI_BOTH);
    }
}

// with the typo fixed:
print_r(getgquery($mysqli, 'SELECT * FROM `people`')); 

class DBClass extends mysqli {
    public function __construct(
        $host = null,
        $username = null,
        $passwd = null,
        $dbname = null,
        $port = null,
        $socket = null
    ) {
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        parent::__construct($host, $username, $passwd, $dbname, $port, $socket);
        $this->set_charset('utf8mb4');
    }

    public function safeQuery(string $sql, array $params = []): ?array {
        $stmt = $this->prepare($sql);
        if ($params) {
            $stmt->bind_param(str_repeat("s", count($params)), ...$params);
        }
        $stmt->execute();
        if ($result = $stmt->get_result()) {
            return $result->fetch_all(MYSQLI_BOTH);
        }
        return null;
    }
}

$mysqli = new DBClass('localhost', 'username', 'password', 'db_test');
$result = $mysqli->safeQuery('SELECT * FROM people WHERE id=?', [$myId]);

然后像这样使用它：

// Enable mysqli error reporting and open connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'username', 'password', 'db_test');
$mysqli->set_charset('utf8mb4'); // always set the charset

function getgquery(mysqli $mysqli, string $I_sql, array $params = []): ?array {
    $stmt = $mysqli->prepare($I_sql);
    if ($params) {
        $stmt->bind_param(str_repeat("s", count($params)), ...$params);
    }
    $stmt->execute();
    if ($result = $stmt->get_result()) {
        return $result->fetch_all(MYSQLI_BOTH);
    }
}

// with the typo fixed:
print_r(getgquery($mysqli, 'SELECT * FROM `people`')); 

class DBClass extends mysqli {
    public function __construct(
        $host = null,
        $username = null,
        $passwd = null,
        $dbname = null,
        $port = null,
        $socket = null
    ) {
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        parent::__construct($host, $username, $passwd, $dbname, $port, $socket);
        $this->set_charset('utf8mb4');
    }

    public function safeQuery(string $sql, array $params = []): ?array {
        $stmt = $this->prepare($sql);
        if ($params) {
            $stmt->bind_param(str_repeat("s", count($params)), ...$params);
        }
        $stmt->execute();
        if ($result = $stmt->get_result()) {
            return $result->fetch_all(MYSQLI_BOTH);
        }
        return null;
    }
}

$mysqli = new DBClass('localhost', 'username', 'password', 'db_test');
$result = $mysqli->safeQuery('SELECT * FROM people WHERE id=?', [$myId]);

---

这可能是一个简单的拼写错误吗<代码>个人！=

people

在一个函数中进行连接的坏习惯，如果你经常这样做，你可能会在一个脚本中调用10个函数并连接10次。连接过程相对较慢process@RiggsFolly天哪，我真的很尴尬谢谢lot@RiggsFolly你觉得我该怎么办？我想说我从来没有做过这么愚蠢的事。。。但这与事实相去甚远：）