MySQLI binding params using call_user_func_array
Please see below my code. I am attempting to bind an array of paramenters to my prepared statement. I\'ve been looking around on the web and can see I have to use call_user_
-
Most of the above are not solutions without integrating the types along with the values before adding them to call_user_func_array(). This solution worked for me:
/* create a database connection */ $db = new mysqli($host, $user, $password, $db_name); /* setup the sql, values, and types */ $sql="SELECT * FROM languages WHERE language_code = ? AND charset = ? ORDER BY native_name"; $values = array($langCode, $charset); $types = "ss"; /* pass those variables to the execute() function defined below */ if ($rows = execute($sql, $values, $types)) { return $rows[0]; } function execute($sql, $values='', $types='') { /* prepare the sql before binding values and types */ $stmt = $db->prepare($sql); /*combine the values and types into $inputArray */ $inputArray[] = &$types; $j = count($values); for($i=0;$i<$j;$i++){ $inputArray[] = &$values[$i]; } /* add the combined values and types to call_user_func_array() for binding */ call_user_func_array(array($stmt, 'bind_param'), $inputArray); $result = $stmt->execute(); return $result; }Here's a reference to the full description this example is based on: http://big.info/2015/08/php-use-call_user_func_array-for-variable-number-of-parameters-arrays-in-prepared-statements.html
讨论(0) -
If you get an error, you should try this:
call_user_func_array(array($stmt, 'bind_param'), refValues($params)); function refValues($arr){ if (strnatcmp(phpversion(),'5.3') >= 0) { $refs = array(); foreach($arr as $key => $value) $refs[$key] = &$arr[$key]; return $refs; } return $arr; }讨论(0) -
Since PHP 5.6, you don't have to mess around with
call_user_func_array()anymore.Instead of:
$stmt->bind_param($param_types, $my_params_array);you can just use the splat operator, like this:
$stmt->bind_param($param_types, ...$my_params_array); // exact code讨论(0) -
It must be like this:
//connect $mysqli = new mysqli($host, $user, $password, $db_name); //prepare $stmt = $mysqli->prepare("SELECT * FROM the_table WHERE field1= ? AND Field2= ?"); //Binding parameters. Types: s = string, i = integer, d = double, b = blob $params= array("ss","string_1","string_2"); //now we need to add references $tmp = array(); foreach($params as $key => $value) $tmp[$key] = &$params[$key]; // now us the new array call_user_func_array(array($stmt, 'bind_param'), $tmp); $stmt->execute(); /* Fetch result to array */ $res = $stmt->get_result(); while($row = $res->fetch_array(MYSQLI_ASSOC)) { $a_data[]=$row; } print_r($a_data); $stmt->close();讨论(0) -
Why would you want to call call_user_func_array(array($statement, 'bind_param'), $bind_arguments)? Because $bind_arguments is an array. You get to have one function that binds a statement to its queried parameters, no matter how many parameters you'd have otherwise.
Example of good code...
<?php # link $dblink = new mysqli('HOSTNAME','USERNAME','PASSWORD','DATABASENAME'); # example data $statement = $dblink->prepare("SELECT * from Person WHERE FirstName = ? AND MiddleName = ? AND LastName = ? and Age = ?"); $recordvalues = ['John', 'H.', 'Smith', 25]; $sqlbindstring = "sssi"; # String, String, String, Integer example # make the references $bind_arguments = []; $bind_arguments[] = $sqlbindstring; foreach ($recordvalues as $recordkey => $recordvalue) { $bind_arguments[] = & $recordvalues[$recordkey]; # bind to array ref, not to the temporary $recordvalue } # query the db call_user_func_array(array($statement, 'bind_param'), $bind_arguments); # bind arguments $statement->execute(); # run statement $result = $statement->get_result(); # get results # get the results if($result) { while ($row = $result->fetch_assoc()) { print("\n\nMy row is..."); print_r($row); } } ?>Example of bad code...
<?php # Same setup as above.. $statement->prepare("SELECT * from Person WHERE FirstName = ? AND MiddleName = ? AND LastName = ? and Age = ?"); $statement->bind('John', 'H.", 'Smith', 25); ?>In the first example: You can pass as much or as little to the binding to be done, so that bind() might be called in only one line in your entire application. This scales well.
In the second example: You must write one bind() statement for every possible group of insertions for every possible record in your database. This scales poorly.
讨论(0) -
Wasn't able to answer this on my own question because it got marked as dupe: here. But I think my final solution, which uses the answers in this question, works in my use case, might be helpful for someone.
My goals was to take a posted set of ID's and use them in a
NOT INMYSQL statement. Assuming array of 5 ID's posted.Count the number posted ID's to build the
?placeholders forNOT INstatement. Using$params_count = substr(str_repeat(',?', count($array_of_ids)), 1);gives the result:(?,?,?,?,?)to be used in SQL statement.Make function that takes ID's and type
iorsetc. For me, they were alliso my function is simpler. return array that looks like this$params= array("iiiii",1,2,3,4,5)where the first value is the set ofi's and the subsequent values are the ID's depending on total ID's passed into function.function build_bind_params($values, $bind_type) { $s = substr(str_repeat($bind_type, count($values)), 0); $bind_array = array(); $bind_array[] = $s; foreach($values as $value) { $bind_array[] = $value; } return $bind_array; }
$params = build_bind_params($array_of_ids, "i");Then use
foreach ($params as $key => $value) $tmp[$key] = &$params[$key];to get the newly created$paramsformatted properly for binding.Then use
call_user_func_array(array($stmt , 'bind_param') , $tmp);to properly bind the array.Then execute the
$stmt
讨论(0)
加载中...
- 热议问题