发表新帖
发表新帖

Using fetch_assoc on prepared statements (php mysqli)

前端 未结
关注
3 1460
别跟我提以往
别跟我提以往 2020-11-30 14:11

I\'m currently working on a login script, and I got this code:

$selectUser = $db->prepare(\"SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?\
相关标签:
3条回答
  • 面向向阳花
    2020-11-30 14:33

    Now talk of alternatives.

    PDO, unlike mysqli, never have a problem like this. It can fetch you an array out of a prepared statement without the need of installing any additional modules. 

    $stmt = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$stmt->execute([$username]);
$user = $stmt->fetch();

if (!$user) {
    echo "no_user";
} else {
    echo $user['id'];
}

    See, it works exactly the way you would expect and require two times less code to write. Not to mention other wonderful features.

    0 讨论(0)
  • 别跟我提以往
    2020-11-30 14:45

    1) you need the mysqlInd driver.

    The variable $db is of type mysqli_stmt, not mysqli_result. The mysqli_stmt class doesn't have a method fetch_assoc() defined for it.

    You can get a mysqli_result object from your mysqli_stmt object by calling its get_result() method. For this you need the mysqlInd driver installed!

    Alternative try this

        $selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
    $selectUser->bind_param('s', $username);

     $selectUser->execute();
    $selectUser->bind_result($id, $password,$salt);

    while ($selectUser->fetch()) {
        printf("%s %s %s\n", $id, $password,$salt);
    }

    for more info about this Reference link

    0 讨论(0)
  • 南笙
    2020-11-30 14:52

    That's because fetch_assoc is not part of a mysqli_stmt object. fetch_assoc belongs to the mysqli_result class. You can use mysqli_stmt::get_result to first get a result object and then call fetch_assoc:

    $selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->execute();
$result = $selectUser->get_result();
$assoc = $result->fetch_assoc();

    Alternatively, you can use bind_result to bind the query's columns to variables and use fetch() instead:

    $selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->bind_result($id, $password, $salt);
$selectUser->execute();
while($selectUser->fetch())
{
    //$id, $password and $salt contain the values you're looking for
}
    0 讨论(0)
 看不清?
提交回复
热议问题