学习从哪里准备的陈述中选择 [英] Learning SELECT FROM WHERE prepared statements

问题描述

有人可以将下面的代码重写为准备好的语句吗?

Can someone re-write the below code as a prepared statement?

result = mysqli_query($con,"SELECT * FROM note_system WHERE note = '$cnote'") 
or die("Error: ".mysqli_error($con));

while($row = mysqli_fetch_array($result))
{
$nid = $row['id']; 

}

我正在尝试学习准备好的语句，但是从我在搜索时发现的许多示例中很难理解它的工作原理.我希望如果我看到一些我熟悉的代码，将其重写为一条准备好的语句，它可能会对我单击.请不要使用PDO，就我目前的知识水平而言，这太让我感到困惑了.谢谢.

I am trying to learn prepared statements and am having trouble understanding how it works from the many examples I have found while searching. I am hoping that if I see some code I am familiar with re-written as a prepared statement that it might click for me. Please no PDO, that is too confusing for me at my current level of knowledge. Thanks.

推荐答案

Hello ButterDog让我逐步引导您完成PDO.

Hello ButterDog let me walk you through PDO step by step.

步骤1)

创建一个名为connect.php的文件(或所需的文件).每个需要数据库交互的php文件都需要该文件.

create a file called connect.php (or what ever you want). This file will be required in each php file that requires database interactions.

让我们也请注意我的评论:

Lets start also please note my comments :

?php

//We set up our database configuration
$username="xxxxx"; // Mysql username
$password="xxxxx"; // Mysql password


// Connect to server via PHP Data Object
$dbh = new PDO("mysql:host=xxxxx;dbname=xxxxx", $username, $password); // Construct the PDO variable using $dbh
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Set attributes for error reporting very IMPORTANT!
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE); // Set this to false so you can allow the actual PDO driver to do all the work, further adding abstraction to your data interactions.
?>

步骤2)需要connect.php，请看一下:

Step 2) Require the connect.php please take a look :

require ('....../........./...../connect.php'); // Require the connect script that made your PDO variable $dbh

第3步)

要开始数据库交互，只需执行以下操作，还请阅读代码注释.目前，我们将不再担心数组！充分利用PDO，然后担心使其更容易使用！通过重复，漫长的路要走"对代码有了更多的了解.一开始不要走捷径，一旦您了解自己在做什么，就把它们砍掉！

to start database interactions just do the following also please read the code comments. For the moment we will not worry about arrays! Get the full gyst of PDO then worry about making it easier to work with! With repetition the "long way" comes more understanding of the code. Do not cut corners to begin with, cut them once you understand what you are doing!

$query = $dbh->prepare("SELECT * FROM note_system WHERE note = :cnote"); // This will call the variable $dbh in the required file setting up your database connection and also preparing the query!

$query->bindParam(':cnote', $cnote); // This is the bread and butter of PDO named binding, this is one of the biggest selling points of PDO! Please remember that now this step will take what ever variable ($cnote) and relate that to (:cnote)

$query->execute(); // This will then take what ever $query is execute aka run a query against the database

$row = $query->fetch(PDO::FETCH_ASSOC); // Use a simple fetch and store the variables in a array

echo $row['yourvalue']; // This will take the variable above (which is a array) and call on 'yourvalue' and then echo it.

这就是 PDO的全部内容.希望对您有所帮助！

Thats all there is to PDO. Hope that helped!

还请查看此.那对我有很大帮助！

Also take a look at this. That helped me so so much!

我还使用此作为参考(有时) -该网站看起来像废话，但是那里有关于PDO的质量信息.我还使用此，我发誓这是最后一个链接！因此，在此之后，您只需问任何问题，但希望可以将其转变为有关PDO的一些参考指南. (希望大声笑)

I also use this as a reference (sometimes) - The web site looks like crap but there is quality information on PDO on there. I also use this and I swear this is the last link! So after this any questions just ask, but hopefully this can turn into a little reference guide on PDO. (hopefully lol)

这篇关于学习从哪里准备的陈述中选择的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！