【发布时间】:2021-12-26 17:12:03
【问题描述】:
我与数据库交互的正常顺序是这样的:
$sql = "select count(*) from users where username = :newusername";
$statement = $databaseConnection->prepare($sql);
$statement->bindParam(":newusername", $newUsername, PDO::PARAM_STR);
$statement->execute();
...prepare 在 bindParam 之前调用。我可以在我的 bindParams 之后准备 SQL 还是行不通?这对这个逻辑很方便:
$sql = "update users set suspended = :newsuspensionsetting";
$statement->bindParam(":newsuspensionsetting", $newSuspensionSetting, PDO::PARAM_INT);
if ($newUsernameHasBeenSet) {
$sql .= ", username = :newusername";
$statement->bindParam(":newusername", $newUsername, PDO::PARAM_STR);
}
if ($newPasswordHasBeenSet) {
$newPassword = password_hash($newPassword, PASSWORD_DEFAULT);
$sql .= ", password = :newpassword";
$statement->bindParam(":newpassword", $newPassword, PDO::PARAM_STR);
}
$sql .= "where permanent_id = :permanentidofusertochange";
$statement->bindParam(":permanentidofusertochange", $permanentIDOfUserToChange, PDO::PARAM_STR);
$statement = $databaseConnection->prepare($sql);
$statement->execute();
谢谢
【问题讨论】:
-
在准备好的语句中,值绑定到占位符,答案是否定的
-
构建一个值数组,然后在构建并准备好查询后处理该数组以进行绑定
标签: php sql pdo prepared-statement