PHP准备的语句与数组 [英] php prepared statements with an array

问题描述

我有一个函数可以做一个简单的插入，但是我试图通过传递一个数组来使方法更健壮. 这是我传递给它的数组:

i have a function to do a simple insert, but am trying to make the method more robust by passing an array. and this is the array i pass into it:

        $form_data = array(
        "sort_order"=>$_POST['sort_order'],
        "name"=>$_POST['page_name'],
        "text"=>$_POST['page_text'],
        "image"=>$_POST['page_image'],
        "meta_desc"=>$_POST['meta_desc'],
        "meta_kw"=>$_POST['meta_kw'],
        "meta_author"=>$_POST['meta_author'],
        "image_thumb"=>"NULL",
    );

这是功能代码:

public function insert_data($array){
        $keys = array();
        $values = array();

        foreach($array as $k => $v){
            $keys[] = $k;
            if(!empty($v)){
                $values[] = $v;
            } else {
                $values[] = "NULL";
            }
        }

        $stmt = self::$mysqli->stmt_init();
        $query = "INSERT INTO `".DB_TABLE_PAGES."` (".implode(",",$keys).") VALUES (?,?,?,?,?,?,?,?)";


        $stmt->prepare($query);
        $stmt->bind_param('ssssssss',implode(",",$values));

        //$stmt->execute();
    }

但是我得到这个错误: 类型定义字符串中的元素数量与绑定变量的数量不匹配.

but i get this error: Number of elements in type definition string doesn't match number of bind variables.

我知道问题出在哪里，但是我不明白如何实现.

i know what the problem is, but i dont understand how i can achieve it.

我已经用Google搜索并遇到了这个线程:

i have googled and came across this thread:

链接到线程

有人可以帮我解决这个问题吗?

could any one help me suss this out?

非常感谢

推荐答案

尝试一下:

public function insert_data($array){
    $placeholders = array_fill(0, count($array), '?');

    $keys = $values = array();
    foreach($array as $k => $v) {
        $keys[] = $k;
        $values[] = !empty($v) ? $v : null;
    }

    $stmt = self::$mysqli->stmt_init();
    $query = 'INSERT INTO `'.DB_TABLE_PAGES.'` '.
             '('.implode(',', $keys).') VALUES '.
             '('.implode(',', $placeholders).')';
    $stmt->prepare($query);

    call_user_func_array(
        array($stmt, 'bind_param'), 
        array_merge(
            array(str_repeat('s', count($values))),
            $values
        )
    );

    $stmt->execute();
}

或者更好的是，改用PDO:

Or better yet, use PDO instead:

public function insert_data($array){
    $placeholders = array_fill(0, count($array), '?');

    $keys = $values = array();
    foreach($array as $k => $v){
        $keys[] = $k;
        $values[] = !empty($v) ? $v : null;
    }

    // assuming the PDO instance is $pdo
    $query = 'INSERT INTO `'.DB_TABLE_PAGES.'` '.
             '('.implode(',', $keys).') VALUES '.
             '('.implode(',', $placeholders).')';
    $stmt = $pdo->prepare($query);

    $stmt->execute($values);
}

注意:我使用了null常量，因为"NULL"字符串将以字符串(而不是空值)的形式转义.

Note: I've used the null constant because the "NULL" string will be escaped as a string (not as a null value).

这篇关于PHP准备的语句与数组的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！