在mysqli_query中使用bind_param [英] using bind_param with mysqli_query

问题描述

我想要将用户的输入绑定，以便将数据添加到数据库中，我编写了这段代码，但不知道如何完成

I want bind input from user befor add data to database , I wrote this code but I don't know how I complete it

$con=mysqli_connect('localhost', 'root', '', 'user');
$con->set_charset("utf8");
$result = mysqli_query($con,("INSERT INTO users(name, email, user_phone_number, password) VALUES (?,?,?,?)");

用户输入$name , $email , $user_phone_number , $password我不想将此普拉特直接添加到我使用的数据库中????

user input $name , $email , $user_phone_number , $password this pramter I don't want add directly to my database for that I used ????

在PDO中，我使用bindValue，但是在这里我应该怎么做?

in PDO I use bindValue but here what I should do ?

推荐答案

您不要在已准备好的语句中使用mysqli_query()，而是使用mysqli_prepare().

You don't use mysqli_query() with prepared statements, you use mysqli_prepare().

$stmt = mysqli_prepare($con, "INSERT INTO users(name, email, user_phone_number, password) VALUES (?,?,?,?)");
mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $user_phone_number, $password);
$result = mysqli_stmt_execute($stmt);

这篇关于在mysqli_query中使用bind_param的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！