mysqli绑定变量 [英] mysqli bind variables

问题描述

我有这个部分代码:

if ($getRecords = $con->prepare("SELECT * FROM AUCTIONS WHERE ARTICLE_NO = ?"))

{

$getHtml = $con->prepare("SELECT ARTICLE_DESC FROM AUCTIONS WHERE ARTICLE_NO = ?");

$getHtml->bind_param("i", $pk);

$getHtml->execute();

$getHtml->bind_result($ARTICLE_DESC);



$getRecords->bind_param("i", $pk); 

$getRecords->execute(); 

$getRecords->bind_result($ARTICLE_NO, $ARTICLE_NAME, $SUBTITLE, $CURRENT_BID, $START_PRICE, $BID_COUNT, $QUANT_TOTAL, $QUANT_SOLD, $ACCESSSTARTS, $ACCESSENDS, $ACCESSORIGIN_END, $USERNAME, $BEST_BIDDER_ID, $FINISHED, $WATCH, $BUYITNOW_PRICE, $PIC_URL, $PRIVATE_AUCTION, $AUCTION_TYPE, $ACCESSINSERT_DATE, $ACCESSUPDATE_DATE, $CAT_DESC, $CAT_PATH, $COUNTRYCODE, $LOCATION, $CONDITIONS, $REVISED, $PAYPAL_ACCEPT, $PRE_TERMINATED, $SHIPPING_TO, $FEE_INSERTION, $FEE_FINAL, $FEE_LISTING, $PIC_XXL, $PIC_DIASHOW, $PIC_COUNT, $ITEM_SITE_ID);

否则运行正常，但是出现错误:

Which otherwise runs OK, however I get an error:

绑定变量数与准备好的语句中的字段数不匹配

Number of bind variables doesn't match number of fields in prepared statement

在我发布的最后一行上.

On the last line I posted.

我不确定是什么问题.我想单独使用一些列，例如ARTICLE_DESC.这是否意味着我不能使用select *，而必须在查询中输入每个列名称?

I am not sure what the problem is. I want to use some columns seperate, eg ARTICLE_DESC. Does this mean I cannot use select *, and must put in each of the column names in the query?

edit:是否需要绑定?是否可以获得安全性或性能优势?我还能没有吗?

edit: is it necessary to bind? are there security or performance advantages to be gained? Can I just as well do without?

推荐答案

实际上，您应该设置列的名称，而不要使用*.

Really you should be setting the names of the columns rather then using *.

这样，您将确切知道要传递给bind_result方法的列.

This way, you will know exactly which columns to pass to the bind_result method.

这篇关于mysqli绑定变量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！