mysqli get_result和bind_result之间的性能或安全性差异? [英] Performance or security differences between mysqli get_result and bind_result?

问题描述

php开发人员创建函数bind_result有什么意义，因为get_result看起来也可以正常工作.

Whats the point for php developer to create function bind_result, as it seems get_result work fine too.

if($stmt=$mysqli->prepare("SELECT member_ID FROM members where hair=? and hand=?")){
    if($stmt->bind_param('ss',$hair,$hand)){
        if($stmt->execute){
            $result=$stmt->get_result();
            while($line=$result->fetch_assoc()){
                echo $line['member_ID'];
            }
            // ------------ versus -------------------
            // $stmt->store_result();
            // $stmt->bind_result($member_ID);
            // while($stmt->fetch()){
            //  echo $member_ID;
            // }
        }
    }
}

似乎(我猜)PHP开发人员自己更喜欢$stmt->fetch()，因为此功能发布较早，但是为什么$stmt->fetch()?似乎不是$row['member_ID']和$member_ID之间的变量名不同的原因.

It seems that (I'm guessing) php developer themselves prefer $stmt->fetch() since this function came out earlier, but why $stmt->fetch()? It don't seem to be reason of variable name difference between $row['member_ID'] and $member_ID.

推荐答案

一些程序员喜欢将关联数组的每个元素分配给一个常规变量，因此他们可以减少冗长的使用.使用bind_result会自动为您执行此操作，您不必每次都在抓取循环中重复该操作.

Some programmers like to assign each element of the associative array to a regular variable, so they can use them less verbosely. Using bind_result does this automatically for you, and you don't have to repeat it each time through the fetch loop.

基本上，这只是样式选择.恕我直言，bind_result的主要问题是您必须确保参数的顺序与select列表保持同步.对于bind_param来说也是如此(这就是PDO允许使用:name参数来解决此问题的原因)，但是好处胜过了它.

It's basically just a stylistic choice. IMHO, the main problem with bind_result is that you have to make sure to keep the order of the arguments in sync with the select list. This is also true for bind_param (which is why PDO allows :name parameters, to solve this), but the benefits outweigh it.

这篇关于mysqli get_result和bind_result之间的性能或安全性差异?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！