prepared-statement

问题 I'm little bit confused with first use of mysqli dynamic parameter binding. My query is UPDATE tb_hotel SET hotel_name = ?, hotel_overview = ?, hotel_active = ?, hotel_location_description = ?, hotel_location_gmap = ?, hotel_cm_mapping_id = ? WHERE hotel_id = ? When I dump the array which I pass to call_user_func_array is array (size=8) 0 => string 'ssisssi' (length=7) 1 => &string 'sdfsfdsf' (length=8) 2 => &string 'sdfdsf' (length=6) 3 => &int 0 4 => &string 'dsfdsfds' (length=8) 5 =>

问题 In MySQLi's prepared statement API, bind_param takes a type specification char. MySQLi's fetch_field returns an object with several properties related to the field. However, the type specification char is not one of the available properties ( $field->type returns an integer corresponding to a constant, not a type specification char). What is the best way to get the type specification char from a MySQLi field? 回答1: Just treat everything as a string, and use type s . The mysql server

问题 I want to batch up multiple types of database calls in one PreparedStatement. Is this possible? Is there anyway to do something like PreparedStatement pstmt = connection.prepareStatement("?"); where the ? can either be INSERT INTO MY_TABLE VALUES(1,2,3,4) or it could be UPDATE MY_TABLE, SET MY_VAL='1' WHERE MY_VAL IS NULL Or do I always need to specify a table and action for my prepared statement? 回答1: Java will not allow you add only ? in preparedstatement string parameter, as it expects the

问题 I'm trying to update a single element in one of my tables using a PDO prepared statement, and for some reason it's not working. I'm using try-and-catch and I'm receiving no errors from the system. I've also echoed both of my bound parameters, and they are both registering in the system, so I don't know why it's not going through. I've used a query very similar to this in another script and everything was fine. if($_POST['check_request'] == "Yes"){ $check_amnt = $_POST['check_amnt']; try {

问题 I'm trying to make a connection pool with the dbcp framework for my oracle server. I used this tutorial for the connection. The problem is to create a OraclePreparedStatement with this connection: Connection oracleCon; OraclePreparedStatement o_stmt; String sql = "INSERT INTO T002_metadata (T002_datacitexml,T002_version, T002_active) VALUES (?,?,?) RETURNING T002_id INTO ?"; oracleCon = ConnectionManager.ds.getConnection(); o_stmt = ((OraclePreparedStatement) oracleCon.prepareStatement(sql));

问题 I am trying to understand when I should use prepared statements in php/mysqli. Should every php/mysqli query use prepared statements or just queries and instances where user input is involved ... such as an html form that asks a user to enter data to search within a database? I am migrating my old php5/mysql code to php7/mysqli. I have many php files that query a mysql db. I would like clarification if I need to use prepared statements for every php file that connects to a mysql db ... for

问题 I'm getting this error : Number of variables doesn't match number of parameters in prepared statement every time I run this code: $dbh = new mysqli("localhost", "***", "***", "pics"); $stmt = $dbh->prepare("INSERT INTO comments (username, picture, comment) VALUES (?, ?, ?)"); $stmt->bind_Param('s', $username); $stmt->bind_Param('d', $picture); $stmt->bind_Param('s', $comment); $username=$_SESSION['username']; $picture=$_GET['id']; $comment=$_POST['comment']; $stmt->execute(); What's the

问题 I want to insert top 20 ROWS from a table tbl_A in db_A to tbl_B in db_B. The schema for tbl_A and tbl_B is: CREATE TABLE <tbl_name> ( id serial PRIMARY KEY, int a, int b ); I have some questions related to following queries psql db_A SELECT dblink_connect("dbname=db_B"); SELECT dblink_open('curse', 'SELECT id, a, b FROM tbl_B'); INSERT INTO tbl_A (SELECT id, a, b FROM dblink_fetch('curse', 20) AS (s_is int, s_a int, s_b int)) RETURNING a; Can I put the following statements in stored

问题 I'm trying to switch from mySql statements to PDO prepared statements, but I'm having trouble figuring out the correct syntax for the if/else statements that I have to use if the insert was successful (which were previously if($result) {...} ). I know that $stmt->execute(); returns true on success or false on failure, but I haven't been able to determine how to set the statement up to act on that. The new code (PDO prepared statement) $gender = $_POST['gender']; if ($gender==="female" ) { try

问题 I'm using PMA to test some pivot queries (dynamic columns), everything seems to be working just fine however, I'm only getting the # Rows in my results, not the actual set of rows. How can I see my result set? SET @sql = NULL; SELECT GROUP_CONCAT(DISTINCT CONCAT( 'MAX(IF(t.week_end = ''', t1.week_end, ''', t.st_hours, NULL)) AS ''', t1.week_end, '\'' ) ) INTO @sql FROM timesheets t1 WHERE t1.week_end > "2015-03-01"; SET @sql = CONCAT('SELECT t.assignment_id , ', @sql, ' FROM timesheets t LEFT