如何准备更新查询语句? [英] How to prepare statement for update query?

问题描述

我有一个带有以下代码的mysqli查询:

I have a mysqli query with the following code:

$db_usag->query("UPDATE Applicant SET phone_number ='$phone_number', 
street_name='$street_name', city='$city', county='$county', zip_code='$zip_code', day_date='$day_date', month_date='$month_date',
 year_date='$year_date' WHERE account_id='$account_id'");

但是，所有数据都是从HTML文档中提取的，因此为了避免错误，我想使用准备好的语句.我在bind_param() 上找到了 PHP文档，但是不是UPDATE的例子.

However all the data is extracted from HTML documents so to avoid errors I would like to use a prepared statement. I found PHP documentation on bind_param() but there is no UPDATE example.

推荐答案

UPDATE的作用与插入或选择相同.只需将所有变量替换为?.

An UPDATE works the same as an insert or select. Just replace all the variables with ?.

$sql = "UPDATE Applicant SET phone_number=?, street_name=?, city=?, county=?, zip_code=?, day_date=?, month_date=?, year_date=? WHERE account_id=?";

$stmt = $db_usag->prepare($sql);

// This assumes the date and account_id parameters are integers `d` and the rest are strings `s`
// So that's 5 consecutive string params and then 4 integer params

$stmt->bind_param('sssssdddd', $phone_number, $street_name, $city, $county, $zip_code, $day_date, $month_date, $year_date, $account_id);
$stmt->execute();

if ($stmt->error) {
  echo "FAILURE!!! " . $stmt->error;
}
else echo "Updated {$stmt->affected_rows} rows";

$stmt->close();

这篇关于如何准备更新查询语句?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！