第一种:
$servername = 'localhost'; $username = 'root'; $password = ''; $dbname = 'myDB'; $conn = new mysqli($servername, $username, $password, $dbname); if($conn->connect_error){ die('连接失败:'.$conn->connect_error); }else{ $sql = 'INSERT INTO MyGuests(firstname, lastname, email) VALUES(?, ?, ?)'; $stmt = mysqli_stmt_init($conn); // 为 mysqli_stmt_prepare() 初始化 statement 对象 //预处理语句 if(mysqli_stmt_prepare($stmt,$sql)){ // 绑定参数 mysqli_stmt_bind_param($stmt,'sss', $firstname, $lastname, $email); $firstname = 'jone'; $lastname = 'doe'; $email = 'jone@example.com'; mysqli_stmt_execute($stmt); } }
第二种:
$servername = 'localhost'; $username = 'root'; $password = ''; $dbname = 'myDB'; $conn = new mysqli($servername, $username, $password, $dbname); if($conn->connect_error) { die('连接失败:' . $conn->connect_error); } else{ $sql = 'INSERT INTO MyGuests(firstname, lastname, email) VALUES(?, ?, ?)'; $stmt = $conn->prepare($sql); $stmt->bind_param('sss', $firstname, $lastname, $email); $firstname = 'jone'; $lastname = 'doe'; $email = 'jone@example.com'; $stmt->execute(); $stmt->close(); $conn->close(); }
参数有以下四种类型:
- i - integer(整型)
- d - double(双精度浮点型)
- s - string(字符串)
- b - BLOB(binary large object:二进制大对象)
每个参数都需要指定类型。