方案使用预编译技术,该方案还可以防止sql注入攻击.
实现代码
<?php
//预编译演示
//需求: 请使用预处理的方式,向数据库添加三个用户
//1.创建mysqli对象
$mysqli=new MySQLi("localhost","root","hsp123","test");
//2.创建预编译对象
$sql="insert into user1 (name,password,email,age) values(?,?,?,?)";
$mysqli_stmt=$mysqli->prepare($sql) or die($mysqli->error);
//绑定参数
$name="gd";
$password="gd";
$email="[email protected]";
$age="30";
//参数绑定->给?赋值,这里类型和顺序都要对应.
//
$mysqli_stmt->bind_param("sssi",$name,$password,$email,$age);
//执行
$b=$mysqli_stmt->execute();
//继续添加
$name="one";
$password="one";
$email="[email protected]";
$age="25";
$mysqli_stmt->bind_param("sssi",$name,$password,$email,$age);
//执行
$b=$mysqli_stmt->execute() ;
//继续添加
$name="irene";
$password="aaa";
$email="[email protected]";
$age="25";
$mysqli_stmt->bind_param("sssi",$name,$password,$email,$age);
//执行
$b=$mysqli_stmt->execute();
if(!$b){
die("操作失败".$mysqli_stmt->error);
}else{
echo "操作ok";
}
//释放
$mysqli->close();
?>