简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  Backend Development  >  Introduction to the usage of php bind_param() function

Introduction to the usage of php bind_param() function

怪我咯
怪我咯Original
2017-07-07 09:56:372965browse

This article mainly introduces the usage of bind_param() function in php. It briefly analyzes the functions, parameters, usage and related precautions of bind_param() function. , required Friends can refer to

The examples in this article describe the usage of bind_param() function in php. Share it with everyone for your reference, the details are as follows:

It is not difficult to understand literally, the binding parameters; let me explain it through an example of binding parameters:

for example:

bind_param("sss", firstname,lastname, $email);

1. This function binds SQL parameters and tells The value of the database parameter. The "sss" parameter column handles the

data type of the remaining parameters. The s character tells the database that the parameter is a string.

Parameters have the following four types:

i - integer (integer type) d - double (double precision
Float type)s - string (string)
b - BLOB (Boolean value)

Required for each parameter Specify the type.

By telling the database the data type of the parameter, you can reduce the risk of SQL injection.

2. The above firstname, lastname, $email are passed by references, which cannot be directly written as strings after PHP5.3. In order to verify this conclusion, I wrote a test here, as follows: 

$servername="localhost";
$username="root";
$password="admin";
$dbname="test";
$conn=new mysqli($servername,$username,$password,$dbname);
if($conn->connect_error){
 die("connected failed:".$conn->connect_error);
}
$sql="INSERT INTO user(user_first,user_last,age)VALUES(?,?,?)";
$stmt=$conn->prepare($sql);
$stmt->bind_param("sss","xiao","hong",22);
$stmt->execute();
echo "News records created successfully!";
$stmt->close();
$conn->close();

Above I wrote a test program that writes parameters directly into strings. After running, it pops up:

Finally, I rewrote the program as follows: 

$servername="localhost";
$username="root";
$password="password";
$dbname="test";
$conn=new mysqli($servername,$username,$password,$dbname);
if($conn->connect_error){
   die("Connect failed:".$conn->connect_error);
}
$sql="INSERT INTO user(user_first,user_last,age)VALUES(?,?,?)";
$stmt=$conn->prepare($sql);
$stmt->bind_param("sss",$user_first,$user_last,$age);
$user_first="xiao";
$user_last="hong";
$age=12;
$stmt->execute();
echo "News records created successfully!";
$stmt->close();
$conn->close();

The above is the detailed content of Introduction to the usage of php bind_param() function. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Introduction to the usage of php str_pad() functionNext article:Introduction to the usage of php str_pad() function

Related articles

See more