/**
 * Sends one multi-row INSERT of just under $package_size bytes, then reads the
 * rows back twice (plain query, then prepared statement) and checks every label.
 *
 * @param int    $offset       Number printed in diagnostics to identify the caller's check.
 * @param mysqli $link         Open connection; a `test` table with `id` and `label` is expected.
 * @param int    $package_size Upper bound, in bytes, for the generated statement.
 *
 * @return bool true when both read-backs match; false on any failure. A rejection
 *              for exceeding max_allowed_packet returns false without a diagnostic.
 */
function mysqli_fetch_array_large($offset, $link, $package_size)
{
    // Highly repetitive payload: the aim is maximum compression, to exercise MYSQLI_CLIENT_COMPRESS.
    $filler = str_repeat('a', 255);
    $tuple = sprintf("('%s'), ", $filler);

    $sql = "INSERT INTO test(label) VALUES ";
    $limit = $package_size - 259;
    while (strlen($sql) < $limit) {
        $sql .= $tuple;
    }
    // Strip the ", " that trails the last tuple.
    $sql = substr($sql, 0, -2);
    $len = strlen($sql);
    assert($len < $package_size);

    $inserted = @mysqli_query($link, $sql);
    if (!$inserted) {
        // mysqlnd:  [1153] Got a packet bigger than 'max_allowed_packet' bytes
        // libmysql: [2006] MySQL server has gone away
        $packet_rejected = 1153 == mysqli_errno($link)
            || 2006 == mysqli_errno($link)
            || stristr(mysqli_error($link), 'max_allowed_packet');
        if (!$packet_rejected) {
            printf("[%03d + 1] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
        }
        return false;
    }

    // Buffered result set: the whole table is held in PHP memory at once.
    $res = mysqli_query($link, "SELECT id, label FROM test");
    if (!$res) {
        printf("[%03d + 2] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
        return false;
    }
    while ($row = mysqli_fetch_assoc($res)) {
        if ($row['label'] == $filler) {
            continue;
        }
        printf("[%03d + 3] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $filler, $row['label'], $len, mysqli_errno($link), mysqli_error($link));
        return false;
    }
    mysqli_free_result($res);

    $stmt = mysqli_prepare($link, "SELECT id, label FROM test");
    if (!$stmt) {
        printf("[%03d + 4] len = %d, [%d] %s\n", $offset, $len, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    // Unbuffered result set: rows are fetched one at a time into the bound variables.
    if (!mysqli_stmt_execute($stmt)) {
        printf("[%03d + 5] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $id = null;
    $label = null;
    if (!mysqli_stmt_bind_result($stmt, $id, $label)) {
        printf("[%03d + 6] len = %d, [%d] %s, [%d] %s\n", $offset, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), mysqli_errno($link), mysqli_error($link));
        return false;
    }

    while (mysqli_stmt_fetch($stmt)) {
        if ($label == $filler) {
            continue;
        }
        printf("[%03d + 7] Wrong results - expecting '%s' got '%s', len = %d, [%d] %s\n", $offset, $filler, $label, $len, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    mysqli_stmt_free_result($stmt);
    mysqli_stmt_close($stmt);

    return true;
}
/**
 * Runs one prepared INSERT twice, re-binding its parameters between the two
 * executions, and verifies that each stored row reflects its own binding.
 *
 * The table is recreated on every call. Column types and engine are spliced into
 * the DDL with sprintf(), so they must come from the test itself, never from
 * external input.
 *
 * @param mysqli $link        Open connection.
 * @param string $engine      Storage engine name used in the CREATE TABLE.
 * @param string $sql_type1   SQL type of col1.
 * @param string $sql_type2   SQL type of col2.
 * @param string $bind_type1  mysqli bind type character for the first parameter.
 * @param string $bind_type2  mysqli bind type character for the second parameter.
 * @param mixed  $bind_value1 Value bound to both columns in the first run and to col1 in the second.
 * @param mixed  $bind_value2 Value bound to col2 in the second run.
 * @param int    $offset      Number printed in diagnostics.
 *
 * @return bool true when both rows match; false on the first failing step.
 */
function bind_twice($link, $engine, $sql_type1, $sql_type2, $bind_type1, $bind_type2, $bind_value1, $bind_value2, $offset)
{
    $dropped = mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_bind_param_type_juggling_table_1");
    if (!$dropped) {
        printf("[%03d + 1] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    mysqli_autocommit($link, true);

    $sql = sprintf("CREATE TABLE test_mysqli_stmt_bind_param_type_juggling_table_1(col1 %s, col2 %s) ENGINE=%s", $sql_type1, $sql_type2, $engine);
    $created = mysqli_query($link, $sql);
    if (!$created) {
        printf("[%03d + 2] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $stmt = mysqli_stmt_init($link);
    if (!$stmt) {
        printf("[%03d + 3] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_bind_param_type_juggling_table_1(col1, col2) VALUES (?, ?)")) {
        printf("[%03d + 4] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    $types = $bind_type1 . $bind_type2;

    // First run: the same variable feeds both placeholders.
    if (!mysqli_stmt_bind_param($stmt, $types, $bind_value1, $bind_value1)) {
        printf("[%03d + 5] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }
    if (!mysqli_stmt_execute($stmt)) {
        printf("[%03d + 6] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    // Second run: re-bind on the already-executed statement, now with a distinct second value.
    if (!mysqli_stmt_bind_param($stmt, $types, $bind_value1, $bind_value2)) {
        printf("[%03d + 7] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }
    if (!mysqli_stmt_execute($stmt)) {
        printf("[%03d + 8] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }
    mysqli_stmt_close($stmt);

    $res = mysqli_query($link, "SELECT col1, col2 FROM test_mysqli_stmt_bind_param_type_juggling_table_1");
    if (!$res) {
        printf("[%03d + 9] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    // A wrong row count is reported but does not abort; the row checks below still run.
    $row_count = mysqli_num_rows($res);
    if ($row_count !== 2) {
        printf("[%03d + 10] Expecting 2 rows, got %d rows [%d] %s\n", $offset, $row_count, mysqli_errno($link), mysqli_error($link));
    }

    $first = mysqli_fetch_assoc($res);
    if ($first['col1'] != $bind_value1 || $first['col2'] != $bind_value1) {
        printf("[%03d + 11] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value1, $first['col1'], $first['col2'], mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $second = mysqli_fetch_assoc($res);
    if ($second['col1'] != $bind_value1 || $second['col2'] != $bind_value2) {
        printf("[%03d + 12] Expecting col1 = %s, col2 = %s got col1 = %s, col2 = %s - [%d] %s\n", $offset, $bind_value1, $bind_value2, $second['col1'], $second['col2'], mysqli_errno($link), mysqli_error($link));
        return false;
    }

    mysqli_free_result($res);

    return true;
}
/**
 * Prepares $sql with any extra arguments bound as parameters, executes it and
 * reports how many rows were affected.
 *
 * All arguments (including those beyond $sql) are forwarded unchanged to
 * mysqli_interpolate(), which builds and binds the statement.
 *
 * @param mysqli $db  Open connection.
 * @param string $sql Statement text with `?` placeholders; values belong in the
 *                    trailing arguments, not in this string.
 *
 * @return int Affected row count reported by the statement.
 *
 * @throws mysqli_sql_exception When execution fails.
 */
function mysqli_update($db, $sql)
{
    $stmt = call_user_func_array('mysqli_interpolate', func_get_args());

    if (mysqli_stmt_execute($stmt)) {
        $rowCount = mysqli_stmt_affected_rows($stmt);
        mysqli_stmt_close($stmt);

        return (int) $rowCount;
    }

    throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt));
}
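/**
 * Prepares `SELECT <format> AS _format FROM <from> [ORDER BY <order_by>]`, runs it
 * and compares the fetched value(s) against $expected with strict (===) comparison.
 *
 * $format, $from and $order_by are spliced into the SQL text with sprintf(); they
 * are SQL fragments, not values, and must only ever come from the test itself.
 *
 * @param mysqli      $link     Open connection.
 * @param string      $format   Select expression under test.
 * @param string      $from     FROM clause content.
 * @param string|null $order_by ORDER BY clause content, or a falsy value for none.
 * @param mixed       $expected Scalar for a single-row check, or an array of expected
 *                              values for a row-by-row check.
 * @param int         $offset   Base number for diagnostics; each step adds to it.
 *
 * @return bool false when a mysqli call fails; true otherwise. Value mismatches are
 *              printed but do not change the return value.
 */
function test_format($link, $format, $from, $order_by, $expected, $offset)
{
    if (!($stmt = mysqli_stmt_init($link))) {
        printf("[%03d] Cannot create PS, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if ($order_by) {
        $sql = sprintf('SELECT %s AS _format FROM %s ORDER BY %s', $format, $from, $order_by);
    } else {
        $sql = sprintf('SELECT %s AS _format FROM %s', $format, $from);
    }

    if (!mysqli_stmt_prepare($stmt, $sql)) {
        printf("[%03d] Cannot prepare PS, [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    if (!mysqli_stmt_execute($stmt)) {
        printf("[%03d] Cannot execute PS, [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    if (!mysqli_stmt_store_result($stmt)) {
        printf("[%03d] Cannot store result set, [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    if (!is_array($expected)) {
        $result = null;
        if (!mysqli_stmt_bind_result($stmt, $result)) {
            printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 4, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }

        if (!mysqli_stmt_fetch($stmt)) {
            printf("[%03d] Cannot fetch result,, [%d] %s\n", $offset + 5, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }

        if ($result !== $expected) {
            printf("[%03d] Expecting %s/%s got %s/%s with %s - %s.\n", $offset + 6, gettype($expected), $expected, gettype($result), $result, $format, $sql);
        }
    } else {
        $order_by_col = $result = null;
        if (!mysqli_stmt_bind_result($stmt, $order_by_col, $result)) {
            printf("[%03d] Cannot bind result, [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }

        // foreach replaces the former reset()/each() pair: each() was removed in PHP 8.
        // Iteration still stops at whichever runs out first, expectations or rows.
        foreach ($expected as $k => $v) {
            if (!mysqli_stmt_fetch($stmt)) {
                break;
            }
            if ($result !== $v) {
                printf("[%03d] Row %d - expecting %s/%s got %s/%s [%s] with %s - %s.\n", $offset + 8, $k, gettype($v), $v, gettype($result), $result, $order_by_col, $format, $sql);
            }
        }
    }

    mysqli_stmt_free_result($stmt);
    mysqli_stmt_close($stmt);

    return true;
}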
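/**
 * Inserts this item into the `basket` table for the given cart and stores the
 * generated row id in $this->id.
 *
 * Values are passed as bound parameters. On failure the script terminates; the
 * driver's error text is written to the error log rather than sent to the client,
 * because it can reveal table and column names.
 *
 * @param mysqli    $dbc Open connection.
 * @param int|float $cid Cart id the item belongs to.
 *
 * @return void
 */
public function saveItem($dbc, $cid)
{
    $query = "INSERT INTO basket(cartID,itemName,Value) VALUES(?,?,?)";

    $stmt = mysqli_prepare($dbc, $query);
    if (!$stmt) {
        error_log('mysqli error: ' . mysqli_error($dbc));
        die('mysqli error');
    }

    // NOTE(review): cartID is bound as "d" (double); if the column is an integer id, "i" is the better fit - confirm.
    $bound = mysqli_stmt_bind_param($stmt, "dsd", $cid, $this->name, $this->value);
    if (!$bound || !mysqli_stmt_execute($stmt)) {
        error_log('stmt error: ' . mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        die('stmt error');
    }

    $this->id = mysqli_stmt_insert_id($stmt);
    mysqli_stmt_close($stmt);
}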
/**
 * Prepares $sql and binds every extra argument to it as a string parameter.
 *
 * Despite the name, the values are never spliced into the SQL text: they are
 * bound to `?` placeholders, all with type "s". The statement is returned
 * prepared and bound but not executed.
 *
 * @param mysqli $db      Open connection.
 * @param string $sql     Statement text with one `?` per bound argument.
 * @param mixed  ...$args Values to bind, in placeholder order.
 *
 * @return mysqli_stmt The prepared statement.
 *
 * @throws mysqli_sql_exception When preparing or binding fails.
 */
function mysqli_interpolate($db, string $sql, ...$args) : mysqli_stmt
{
    $stmt = mysqli_prepare($db, $sql);
    if (false === $stmt) {
        throw new mysqli_sql_exception(mysqli_error($db), mysqli_errno($db));
    }

    $argn = count($args);
    if (!$argn) {
        // Nothing to bind.
        return $stmt;
    }

    $bound = mysqli_stmt_bind_param($stmt, str_repeat('s', $argn), ...$args);
    if (false === $bound) {
        throw new mysqli_sql_exception(mysqli_stmt_error($stmt), mysqli_stmt_errno($stmt));
    }

    return $stmt;
}
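/**
 * Inserts this user into the `users` table and stores the generated row id in
 * $this->id.
 *
 * Values are passed as bound parameters. On failure the script terminates; the
 * driver's error text goes to the error log rather than to the client, because it
 * can reveal table and column names.
 *
 * @param mysqli $dbc Open connection.
 *
 * @return void
 */
public function insertUser($dbc)
{
    // NOTE(review): the connection is already passed in as $dbc. If this include assigns
    // $dbc itself it would replace the parameter on first load - confirm it is still needed.
    require_once '../mysqli_connect.php';

    // NOTE(review): $this->password is stored as given; presumably it was hashed with
    // password_hash() before reaching this point - verify at the caller.
    $query = "INSERT INTO users(firstName,lastName,email, password, streetAddress, postalCode, DOB, gender) VALUES (?,?,?,?,?,?,?,?)";

    $stmt = mysqli_prepare($dbc, $query);
    if (!$stmt) {
        error_log('mysqli error1: ' . mysqli_error($dbc));
        die('mysqli error1');
    }

    // NOTE(review): DOB is bound as "d" (double); a date column would normally take "s" - confirm column type.
    $bound = mysqli_stmt_bind_param($stmt, "ssssssds", $this->firstName, $this->lastName, $this->email, $this->password, $this->streetAddress, $this->postalCode, $this->DOB, $this->gender);
    if (!$bound || !mysqli_stmt_execute($stmt)) {
        error_log('stmt error2: ' . mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        die('stmt error2');
    }

    $this->id = mysqli_stmt_insert_id($stmt);
    mysqli_stmt_close($stmt);
}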
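/**
 * Adds an `UNSIGNED ZEROFILL` column of the given type to the test table, writes
 * $insert into it and checks that a prepared SELECT returns the zero-padded string.
 *
 * $datatype and $insert are spliced into the SQL text with sprintf(); they must
 * come from the test itself, never from external input.
 *
 * @param int        $offset   Number printed in diagnostics.
 * @param mysqli     $link     Open connection.
 * @param string     $datatype SQL type of the column, e.g. with a display width.
 * @param int|string $insert   Value written to the column.
 *
 * @return bool true when the padded value matches, or when the server rejects the
 *              column definition (treated as "not supported"); false otherwise.
 */
function zerofill($offset, $link, $datatype, $insert = 1)
{
    // Best effort: the column may not exist yet, so the result is deliberately ignored.
    mysqli_query($link, 'ALTER TABLE test_mysqli_stmt_bind_result_zerofill_table_1 DROP zero');

    $sql = sprintf('ALTER TABLE test_mysqli_stmt_bind_result_zerofill_table_1 ADD zero %s UNSIGNED ZEROFILL', $datatype);
    if (!mysqli_query($link, $sql)) {
        // no worries - server might not support it
        return true;
    }

    if (!mysqli_query($link, sprintf('UPDATE test_mysqli_stmt_bind_result_zerofill_table_1 SET zero = %s', $insert))) {
        printf("[%03d] UPDATE failed, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!($stmt = mysqli_prepare($link, 'SELECT zero FROM test_mysqli_stmt_bind_result_zerofill_table_1 LIMIT 1'))) {
        printf("[%03d] SELECT failed, [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $result = null;
    if (!mysqli_stmt_bind_result($stmt, $result)) {
        // $offset was missing here, leaving the format with one argument too few.
        printf("[%03d] Bind failed, [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }

    if (!mysqli_stmt_execute($stmt) || !mysqli_stmt_fetch($stmt)) {
        printf("[%03d] Execute or fetch failed, [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }

    $res = mysqli_stmt_result_metadata($stmt);
    $meta = mysqli_fetch_fields($res);
    // The metadata result and the statement are no longer needed once the field list is read.
    mysqli_free_result($res);
    mysqli_stmt_free_result($stmt);
    mysqli_stmt_close($stmt);

    $meta = $meta[0];
    $length = $meta->length;
    $insert_length = strlen((string) $insert);

    if ($length > $insert_length) {
        // Expected value: $insert left-padded with zeros up to the reported column length.
        $expected = str_repeat('0', $length - $insert_length);
        $expected .= $insert;
        if ($expected !== $result) {
            printf("[%03d] Expecting '%s' got '%s'\n", $offset, $expected, $result);
            return false;
        }
    } else {
        if ($length <= 1) {
            printf("[%03d] Length reported is too small to run test\n", $offset);
            return false;
        }
    }

    return true;
}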
/**
 * Prepares and executes $sql with optional bound values, guessing each value's
 * mysqli bind type from its content.
 *
 * Return value by case:
 *  - false when preparing or executing fails (a warning is raised via trigger_error());
 *  - TRUE for statements that do not start with SELECT or SHOW;
 *  - the result of mysqli_stmt_get_result() for SELECT/SHOW when db_native_driver() is truthy;
 *  - the still-open statement itself for SELECT/SHOW otherwise.
 *
 * NOTE(review): $sql is prepared exactly as given. The binding only protects values
 * passed in $bind; anything a caller concatenates into $sql is not covered.
 *
 * @param string     $sql  Statement text with `?` placeholders.
 * @param array|null $bind Values for the placeholders, in order; presumably a plain list - confirm.
 */
function db_query($sql, $bind = null) {
    // presumably returns the shared mysqli link; get_var() is defined elsewhere - confirm
    $db = get_var('db');
    $query = false;
    $stmt = mysqli_stmt_init($db);
    $sql = trim($sql);
    if (mysqli_stmt_prepare($stmt, $sql)) {
        if (!empty($bind)) {
            $types = '';
            $values = array();
            foreach ($bind as $key => &$value) {
                // NOTE(review): stripslashes() rewrites every bound value, so data that legitimately
                // contains backslashes is altered before it is stored. Bound parameters need no
                // unescaping; this looks like a magic_quotes leftover - confirm it is still wanted.
                $value = stripslashes($value);
                if (is_numeric($value)) {
                    // Numeric-looking values are bound as 'i', or as 'd' when they have a fractional part.
                    // NOTE(review): this also applies to numeric strings (e.g. codes with leading zeros),
                    // which are then sent as numbers rather than text - verify against callers.
                    $float = floatval($value);
                    $types .= $float && intval($float) != $float ? 'd' : 'i';
                } else {
                    $types .= 's';
                }
                // Makes each $bind slot a reference; $values is not read afterwards. Presumably this is
                // what lets call_user_func_array() hand references to mysqli_stmt_bind_param() - confirm.
                $values[$key] =& $bind[$key];
            }
            // $value is still a reference to the last $bind element at this point (no unset()).
            $params = array_merge(array($stmt, $types), $bind);
            // The result of the bind call is not checked.
            call_user_func_array('mysqli_stmt_bind_param', $params);
        }
        if (mysqli_stmt_execute($stmt)) {
            // Only statements that begin with SELECT or SHOW (case-insensitive) are treated as result-producing.
            if (preg_match('/^(SELECT|SHOW)/i', $sql)) {
                if (db_native_driver()) {
                    $query = mysqli_stmt_get_result($stmt);
                    mysqli_stmt_close($stmt);
                } else {
                    // The caller receives the open statement and becomes responsible for closing it.
                    return $stmt;
                }
            } else {
                $query = TRUE;
                mysqli_stmt_close($stmt);
            }
        } else {
            // The statement is not closed on this path.
            trigger_error(mysqli_stmt_error($stmt), E_USER_WARNING);
        }
    } else {
        trigger_error(mysqli_error($db), E_USER_WARNING);
    }
    return $query;
}
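/**
 * Prepares $stmt on this connection, binds $values to its placeholders, executes
 * it and wraps the executed statement in a ResultMysqliPrepare.
 *
 * The bind type of each value comes from self::getPrepareValueType(). Statements
 * without placeholders are supported: the bind step is skipped when $values is
 * empty, because mysqli_stmt_bind_param() cannot be called without variables.
 *
 * Exception messages carry the driver's error text; callers should log them
 * rather than render them to end users.
 *
 * @param string $stmtName Name of the statement; not used by this method.
 * @param string $stmt     SQL text with `?` placeholders.
 * @param array  $values   Zero-indexed list of values, in placeholder order.
 *
 * @return ResultMysqliPrepare Wrapper around the executed statement.
 *
 * @throws \Exception        When the statement cannot be prepared.
 * @throws \SYSTEM\LOG\ERROR When binding or execution fails.
 */
public function prepare($stmtName, $stmt, $values)
{
    $prepStmt = \mysqli_prepare($this->connection, $stmt);
    if (!$prepStmt) {
        throw new \Exception('Prepared Statement prepare fail: ' . \mysqli_error($this->connection));
    }

    $valueCount = \count($values);
    if ($valueCount > 0) {
        $types = '';
        // Slot 1 is a placeholder for the type string, filled in once all types are known.
        $binds = array($prepStmt, null);
        for ($i = 0; $i < $valueCount; $i++) {
            $types .= self::getPrepareValueType($values[$i]);
            // mysqli_stmt_bind_param() takes its variables by reference.
            $binds[] =& $values[$i];
        }
        $binds[1] = $types;

        if (!\call_user_func_array('mysqli_stmt_bind_param', $binds)) {
            $error = \mysqli_stmt_error($prepStmt);
            \mysqli_stmt_close($prepStmt);
            throw new \SYSTEM\LOG\ERROR("Could not bind prepare statement parameters: " . $error);
        }
    }

    if (!mysqli_stmt_execute($prepStmt)) {
        $error = \mysqli_stmt_error($prepStmt);
        \mysqli_stmt_close($prepStmt);
        throw new \SYSTEM\LOG\ERROR("Could not execute prepare statement: " . $error);
    }

    return new ResultMysqliPrepare($prepStmt, $this);
}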
/**
 * Prepares, executes and buffers $query on an existing statement handle, then
 * compares mysqli_stmt_num_rows() against $expected using strict comparison.
 *
 * @param mysqli_stmt $stmt     Initialised statement handle.
 * @param string      $query    SQL text to prepare.
 * @param mixed       $expected Expected row count, compared with !== (type matters).
 * @param int         $offset   Base number for diagnostics; each step adds to it.
 *
 * @return bool false when a mysqli call fails; true otherwise. A row-count mismatch
 *              is printed but still returns true.
 */
function func_test_mysqli_stmt_num_rows($stmt, $query, $expected, $offset)
{
    $prepared = mysqli_stmt_prepare($stmt, $query);
    if (!$prepared) {
        printf("[%03d] [%d] %s\n", $offset, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    $executed = mysqli_stmt_execute($stmt);
    if (!$executed) {
        printf("[%03d] [%d] %s\n", $offset + 1, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    // num_rows is only meaningful once the result set is buffered on the client.
    $stored = mysqli_stmt_store_result($stmt);
    if (!$stored) {
        printf("[%03d] [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    $actual = mysqli_stmt_num_rows($stmt);
    if ($actual !== $expected) {
        printf("[%03d] Expecting %s/%d, got %s/%d\n", $offset + 3, gettype($expected), $expected, gettype($actual), $actual);
    }

    mysqli_stmt_free_result($stmt);

    return true;
}
/**
 * Looks up a valid subject name for $q, progressively loosening the match.
 *
 * Called with the defaults, the search order is: exact match, prefix match
 * (`q%`), substring match (`%q%`), then the same sequence again with the last
 * character of $q removed. Returns "none" once $q is empty.
 *
 * The search value is always sent as a bound parameter.
 * NOTE(review): `%` and `_` inside $q are not escaped, so in the LIKE branches they
 * act as wildcards supplied by the caller. The die() calls print the driver's
 * error text to the response.
 *
 * @param string $q     Search text.
 * @param bool   $front Prepend a `%` wildcard.
 * @param bool   $back  Append a `%` wildcard.
 *
 * @return string Matching subject name, or "none".
 */
function getSubject($q, $front = false, $back = false)
{
    if (strlen($q) < 1) {
        return "none";
    }

    $con = $GLOBALS["con"];

    if ($front || $back) {
        $param = ($front ? "%" : "") . $q . ($back ? "%" : "");
        $sql = "SELECT Name FROM subjects WHERE Valid=1 AND Name LIKE ? LIMIT 1";
    } else {
        $param = $q;
        $sql = "SELECT Name FROM subjects WHERE Valid=1 AND Name=? LIMIT 1";
    }

    $stmt = mysqli_prepare($con, $sql) or die(mysqli_error($con));
    mysqli_stmt_bind_param($stmt, 's', $param) or die(mysqli_stmt_error($stmt));
    mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt));
    mysqli_stmt_bind_result($stmt, $name);

    if (mysqli_stmt_fetch($stmt)) {
        return $name;
    }

    // No hit: widen the pattern one step, or shorten the text once both wildcards were tried.
    if (!$back) {
        return getSubject($q, false, true);
    }
    if (!$front) {
        return getSubject($q, true, true);
    }

    return getSubject(substr($q, 0, strlen($q) - 1), false, false);
}
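/**
 * Returns the docID stored for $url, inserting a new `documents` row first when
 * the URL is not known yet.
 *
 * The URL is always sent as a bound parameter. After an insert the function calls
 * itself once more to read the new docID back.
 *
 * NOTE(review): lookup and insert are two separate statements, so two concurrent
 * requests for the same new URL can both insert unless the column has a unique
 * index - confirm. If the stored value can differ from $url (for example through
 * truncation), the read-back never matches and the recursion does not terminate.
 * The die() calls print the driver's error text to the response.
 *
 * @param string $url Document URL.
 *
 * @return mixed The docID column value for $url.
 */
function getDocID($url)
{
    $con = $GLOBALS["con"];

    $sql = "SELECT docID FROM documents WHERE URL=?";
    $stmt = mysqli_prepare($con, $sql) or die(mysqli_error($con));
    mysqli_stmt_bind_param($stmt, 's', $url) or die(mysqli_stmt_error($stmt));
    mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt));
    mysqli_stmt_store_result($stmt);

    if (mysqli_stmt_num_rows($stmt) < 1) {
        mysqli_stmt_close($stmt);

        $sql = "INSERT INTO documents (URL) VALUES (?)";
        $stmt = mysqli_prepare($con, $sql) or die(mysqli_error($con));
        mysqli_stmt_bind_param($stmt, 's', $url) or die(mysqli_stmt_error($stmt));
        mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt));
        // An INSERT has no result set, so there is nothing to bind or fetch here;
        // the former bind_result()/fetch() pair on this statement was removed.
        mysqli_stmt_close($stmt);

        return getDocID($url);
    }

    mysqli_stmt_bind_result($stmt, $docID);
    mysqli_stmt_fetch($stmt);
    mysqli_stmt_free_result($stmt);
    mysqli_stmt_close($stmt);

    return $docID;
}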
die('mysqli error: ' . mysqli_error($dbc)); } //Bind parameters mysqli_stmt_bind_param($stmt, "ssssssds", $firstName, $lastName, $email, $password, $streetAddress, $postalCode, $DOB, $gender); if (!mysqli_execute($stmt)) { die('stmt error: ' . mysqli_stmt_error($stmt)); } //Query to get user ID $query = "SELECT id FROM users WHERE email=?"; $stmt = mysqli_prepare($dbc, $query); if (!$stmt) { die('mysqli error: ' . mysqli_error($dbc)); } mysqli_stmt_bind_param($stmt, "s", $email); if (!mysqli_stmt_execute($stmt)) { die('stmt error1: ' . mysqli_stmt_error($stmt)); } mysqli_stmt_bind_result($stmt, $id); while (mysqli_stmt_fetch($stmt)) { $newUser = new User($id, $firstName, $lastName, $email, $password, $streetAddress, $postalCode, $DOB, $gender); $newUser->sessionUser(); } header('Location: WelcomePage.php'); } function passwordChecker($p1, $p2) { if (strcmp($p1, $p2) != 0) { exit("Passwords dont match, Goodbye"); } else { return TRUE; }
/**
 * Recreates the `test` table with a `label` column of $sql_type, inserts one row
 * through a prepared statement using $bind_type, and checks the stored value with
 * a plain query.
 *
 * $sql_type and $engine are spliced into the DDL with sprintf(); they must come
 * from the test itself, never from external input.
 *
 * @param mysqli $link        Open connection.
 * @param string $engine      Storage engine name.
 * @param string $bind_type   mysqli bind type character for the label.
 * @param string $sql_type    SQL type of the label column.
 * @param mixed  $bind_value  Value bound to the label.
 * @param int    $offset      Base number for diagnostics; each step adds to it.
 * @param mixed  $alternative Optional second acceptable stored value.
 *
 * @return bool true when the stored row matches; false otherwise. A failing
 *              CREATE TABLE returns false silently (type may be unsupported).
 */
function func_mysqli_stmt_bind_datatype($link, $engine, $bind_type, $sql_type, $bind_value, $offset, $alternative = null)
{
    $dropped = mysqli_query($link, "DROP TABLE IF EXISTS test");
    if (!$dropped) {
        printf("[%03d] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $ddl = sprintf("CREATE TABLE test(id INT NOT NULL, label %s, PRIMARY KEY(id)) ENGINE = %s", $sql_type, $engine);
    if (!mysqli_query($link, $ddl)) {
        // don't bail - it might be that the server does not support the data type
        return false;
    }

    $stmt = mysqli_stmt_init($link);
    if (!$stmt) {
        printf("[%03d] [%d] %s\n", $offset + 1, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!mysqli_stmt_prepare($stmt, "INSERT INTO test(id, label) VALUE (?, ?)")) {
        printf("[%03d] [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    $id = 1;
    $types = "i" . $bind_type;
    if (!mysqli_stmt_bind_param($stmt, $types, $id, $bind_value)) {
        printf("[%03d] [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }

    if (!mysqli_stmt_execute($stmt)) {
        printf("[%03d] [%d] %s\n", $offset + 4, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }
    mysqli_stmt_close($stmt);

    $res = mysqli_query($link, "SELECT id, label FROM test");
    if (!$res) {
        printf("[%03d] [%d] %s\n", $offset + 5, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $row = mysqli_fetch_assoc($res);
    if (!$row) {
        printf("[%03d] [%d] %s\n", $offset + 5, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    $id_differs = $row['id'] != $id;

    if ($alternative) {
        // Either the bound value or the alternative is accepted for the label.
        $label_differs = $row['label'] != $bind_value && $row['label'] != $alternative;
        if ($id_differs || $label_differs) {
            printf("[%03d] Testing '%s', '%s': expecting '%s'/'%s' (%s), got '%s'/'%s'\n", $offset + 6, $bind_type, $sql_type, $id, $bind_value, gettype($bind_value), $row['id'], $row['label']);
            return false;
        }
    } else {
        if ($id_differs || $row['label'] != $bind_value) {
            printf("[%03d] Testing '%s', '%s': expecting '%s'/'%s', got '%s'/'%s'\n", $offset + 6, $bind_type, $sql_type, $id, $bind_value, $row['id'], $row['label']);
            return false;
        }
    }

    mysqli_free_result($res);

    return true;
}
mysqli_stmt_bind_result($stmt, $in); while (mysqli_stmt_fetch($stmt)) { } mysqli_stmt_close($stmt); } if ($in == "") { echo "notfound"; exit; } // set columns in database $sql = "UPDATE users SET reset=?, resetexpire=? WHERE name=? AND email=?"; if ($stmt = mysqli_prepare($con, $sql)) { mysqli_stmt_bind_param($stmt, "siss", $hashbrown[3], $tday, $u, $e); mysqli_stmt_execute($stmt); if (mysqli_stmt_error($stmt)) { echo 'SQL Error: ' . mysqli_stmt_error($stmt); } while (mysqli_stmt_fetch($stmt)) { } mysqli_stmt_close($stmt); } // send e-mail to user with link to reset $to = $e; $from = "*****@*****.**"; $subject = "Bathtub Bingo - Reset Password"; $text = "Following this link to reset your password:\n"; $text .= "http://www.bathtubbingo.com/verifResetPass.php?user="******"&reset=" . $hashbrown[3]; $message = new Mail_mime(); $message->setTXTBody($text); $body = $message->get(); $extraheaders = array("From" => $from, "Subject" => $subject);
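// Checks how mysqli_stmt_error() behaves across success, server error, client
// error and a closed statement. $stmt and $link are set up before this excerpt.

// No error has occurred yet: the message must be the empty string.
if ('' !== ($tmp = mysqli_stmt_error($stmt))) {
    printf("[004] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp);
}

// Preparing a query on a column that does not exist must fail.
if (mysqli_stmt_prepare($stmt, "SELECT i_do_not_exist_believe_me FROM test ORDER BY id")) {
    printf("[005] Statement should have failed!\n");
}

// set after error server?
if ('' === ($tmp = mysqli_stmt_error($stmt))) {
    printf("[006] Expecting string/any non empty, got %s/%s\n", gettype($tmp), $tmp);
}

if (!mysqli_stmt_prepare($stmt, "SELECT id FROM test ORDER BY id")) {
    // The %d slot takes the numeric code; it previously received the message text twice.
    printf("[007] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}

// reset after error & success
if ('' !== ($tmp = mysqli_stmt_error($stmt))) {
    printf("[008] Expecting empty string, got %s/%s\n", gettype($tmp), $tmp);
}

// Kill this connection's own server thread so the next execute fails on the client side.
mysqli_kill($link, mysqli_thread_id($link));

if (true === ($tmp = mysqli_stmt_execute($stmt))) {
    printf("[009] Expecting boolean/false, got %s/%s\n", gettype($tmp), $tmp);
}

// set after client error
if ('' === ($tmp = mysqli_stmt_error($stmt))) {
    printf("[010] Execting string/any non empty, got %s/%s\n", gettype($tmp), $tmp);
}

mysqli_stmt_close($stmt);

// The check below expects NULL from mysqli_stmt_error() on a closed statement.
if (NULL !== ($tmp = mysqli_stmt_error($stmt))) {
    printf("[011] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp);
}

mysqli_close($link);
print "done!";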
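<title>Curso Básico - PHP do Jeito Certo</title>
</head>
<body>
<h1>Consultar usuarios</h1>
<h2>Evitando SQL Injection</h2>
<?php
// Load the connection helpers.
require_once 'conexao.php';

// Open the database connection.
$con = dbConnect();
$nome = '%Carlos%';

// Prepared query against SQL injection: the search value is sent as a bound
// parameter and never becomes part of the SQL text.
// NOTE(review): the `senha` column is fetched but never used on this page; selecting
// only the columns that are displayed would avoid pulling credentials into memory.
$sql = "SELECT id, nome, login, senha, email FROM usuarios WHERE nome LIKE ?";
$result = mysqli_prepare($con, $sql);

// Run the query.
if ($result) {
    mysqli_stmt_bind_param($result, 's', $nome);
    mysqli_stmt_execute($result);
    // $nome is reused as an output variable from here on.
    mysqli_stmt_bind_result($result, $id, $nome, $login, $senha, $email);
    while (mysqli_stmt_fetch($result)) {
        // The name comes from the database, so it is escaped for the HTML context before output.
        echo htmlspecialchars((string) $nome, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br />';
    }
    // Only close the statement when one was actually created.
    mysqli_stmt_close($result);
} else {
    // mysqli_prepare() returned false, so the error has to be read from the connection.
    trigger_error('Statement failed: ' . mysqli_error($con), E_USER_ERROR);
}

// Close the connection.
dbClose($con);
?>
</body>
</html>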
/**
 * Recreates the types test table with a `label` column of $sql_type, inserts three
 * rows through a prepared statement, then reads them back with
 * mysqli_stmt_get_result() and expects exactly three rows.
 *
 * $sql_type and $engine are spliced into the DDL with sprintf(); they must come
 * from the test itself, never from external input.
 *
 * @param mysqli      $link       Open connection.
 * @param string      $engine     Storage engine name.
 * @param string      $bind_type  mysqli bind type character for the label.
 * @param string      $sql_type   SQL type of the label column.
 * @param mixed       $bind_value Value bound to the label.
 * @param int         $offset     Base number for diagnostics; each step adds to it.
 * @param string|null $type_hint  gettype() name accepted for the fetched label when the value differs.
 *
 * @return bool true when three rows were read back; false on any failure. A failing
 *              CREATE TABLE returns false silently (type may be unsupported).
 */
function func_mysqli_stmt_get_result($link, $engine, $bind_type, $sql_type, $bind_value, $offset, $type_hint = null) {
    if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_get_result_types_table_1")) {
        printf("[%04d] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }
    if (!mysqli_query($link, sprintf("CREATE TABLE test_mysqli_stmt_get_result_types_table_1(id INT, label %s, PRIMARY KEY(id)) ENGINE = %s", $sql_type, $engine))) {
        // don't bail - column type might not be supported by the server, ignore this
        return false;
    }
    if (!($stmt = mysqli_stmt_init($link))) {
        printf("[%04d] [%d] %s\n", $offset + 1, mysqli_errno($link), mysqli_error($link));
        return false;
    }
    if (!mysqli_stmt_prepare($stmt, "INSERT INTO test_mysqli_stmt_get_result_types_table_1(id, label) VALUES (?, ?)")) {
        printf("[%04d] [%d] %s\n", $offset + 2, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        return false;
    }
    // $id is bound once; the loop below changes it before each execute to insert ids 1..3.
    $id = null;
    if (!mysqli_stmt_bind_param($stmt, "i" . $bind_type, $id, $bind_value)) {
        printf("[%04d] [%d] %s\n", $offset + 3, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }
    for ($id = 1; $id < 4; $id++) {
        if (!mysqli_stmt_execute($stmt)) {
            printf("[%04d] [%d] %s\n", $offset + 3 + $id, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            mysqli_stmt_close($stmt);
            return false;
        }
    }
    mysqli_stmt_close($stmt);
    // The result of this second init is not checked before use.
    $stmt = mysqli_stmt_init($link);
    if (!mysqli_stmt_prepare($stmt, "SELECT id, label FROM test_mysqli_stmt_get_result_types_table_1")) {
        printf("[%04d] [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }
    if (!mysqli_stmt_execute($stmt)) {
        printf("[%04d] [%d] %s\n", $offset + 8, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }
    // Metadata result; it is not freed anywhere in this function.
    $result = mysqli_stmt_result_metadata($stmt);
    if (!($res = mysqli_stmt_get_result($stmt))) {
        printf("[%04d] [%d] %s\n", $offset + 9, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }
    $num = 0;
    // $fields is not read afterwards.
    $fields = mysqli_fetch_fields($result);
    while ($row = mysqli_fetch_assoc($res)) {
        $bind_res =& $row['label'];
        // NOTE(review): `!` binds tighter than `==`, so this evaluates (!gettype(...)) == 'unicode'.
        // gettype() always returns a non-empty string, so the condition is always false and the
        // value/type comparison below never runs. The intent looks like gettype(...) != 'unicode',
        // but enabling the comparison changes which inputs pass - confirm before changing.
        if (!gettype($bind_res) == 'unicode') {
            if ($bind_res !== $bind_value && (!$type_hint || $type_hint !== gettype($bind_res))) {
                printf("[%04d] [%d] Expecting %s/'%s' [type hint = %s], got %s/'%s'\n", $offset + 10, $num, gettype($bind_value), $bind_value, $type_hint, gettype($bind_res), $bind_res);
                mysqli_free_result($res);
                mysqli_stmt_close($stmt);
                return false;
            }
        }
        $num++;
    }
    // Three rows were inserted above, so exactly three must come back.
    if ($num != 3) {
        printf("[%04d] [%d] %s, expecting 3 results, got only %d results\n", $offset + 11, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), $num);
        mysqli_free_result($res);
        mysqli_stmt_close($stmt);
        return false;
    }
    mysqli_free_result($res);
    mysqli_stmt_close($stmt);
    return true;
}
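/**
 * Re-inserts one fetched row through a prepared statement and compares it with
 * the same row read back by a plain query.
 *
 * @param mysqli $link   open connection
 * @param array  $row    row with 'id' and 'label' read via mysqli_stmt_get_result()
 * @param int    $offset base number used in the "[NNNN]" error prefixes
 *
 * @return bool false (after printing a message) on the first failure
 */
function _func_mysqli_stmt_get_result_geom_roundtrip($link, $row, $offset)
{
    if (!($stmt2 = mysqli_stmt_init($link))) {
        printf("[%04d] [%d] %s\n", $offset + 11, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!mysqli_stmt_prepare($stmt2, "INSERT INTO test_mysqli_stmt_get_result_geom_table_1(id, label) VALUES (?, ?)")) {
        printf("[%04d] [%d] %s\n", $offset + 12, mysqli_stmt_errno($stmt2), mysqli_stmt_error($stmt2));
        return false;
    }

    // The copy lands at id + 10 so it cannot collide with the rows 1..3.
    $id = $row['id'] + 10;
    $label = $row['label'];
    if (!mysqli_stmt_bind_param($stmt2, "is", $id, $label)) {
        printf("[%04d] [%d] %s\n", $offset + 13, mysqli_stmt_errno($stmt2), mysqli_stmt_error($stmt2));
        mysqli_stmt_close($stmt2);
        return false;
    }

    if (!mysqli_stmt_execute($stmt2)) {
        printf("[%04d] [%d] %s\n", $offset + 14, mysqli_stmt_errno($stmt2), mysqli_stmt_error($stmt2));
        mysqli_stmt_close($stmt2);
        return false;
    }
    mysqli_stmt_close($stmt2);

    // %d forces the id to an integer before it reaches the SQL text.
    if (!($res_normal = mysqli_query($link, sprintf("SELECT id, label FROM test_mysqli_stmt_get_result_geom_table_1 WHERE id = %d", $row['id'] + 10)))) {
        printf("[%04d] [%d] %s\n", $offset + 15, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!($row_normal = mysqli_fetch_assoc($res_normal))) {
        printf("[%04d] [%d] %s\n", $offset + 16, mysqli_errno($link), mysqli_error($link));
        mysqli_free_result($res_normal);
        return false;
    }

    if ($row_normal['label'] != $label) {
        printf("[%04d] PS and non-PS return different data.\n", $offset + 17);
        mysqli_free_result($res_normal);
        return false;
    }

    mysqli_free_result($res_normal);
    return true;
}

/**
 * Checks that geometry values survive mysqli_stmt_get_result().
 *
 * Recreates test_mysqli_stmt_get_result_geom_table_1 with a `label` column of
 * $sql_type, inserts three rows with plain queries, reads them back through a
 * prepared statement and round-trips every row (see the helper above).
 *
 * $bind_value is formatted into the INSERT text with %s and $sql_type/$engine
 * into the CREATE TABLE text, i.e. they are SQL fragments, not data. They must
 * be fixed expressions chosen by the test, never external input.
 *
 * @param mysqli $link       open connection
 * @param string $engine     storage engine name placed after ENGINE =
 * @param string $sql_type   SQL column type of the label column
 * @param string $bind_value SQL expression producing the value to insert
 * @param int    $offset     base number used in the "[NNNN]" error prefixes
 *
 * @return bool true when three rows were read and round-tripped, else false
 *              (a failed CREATE TABLE returns false without a message)
 */
function func_mysqli_stmt_get_result_geom($link, $engine, $sql_type, $bind_value, $offset)
{
    if (!mysqli_query($link, "DROP TABLE IF EXISTS test_mysqli_stmt_get_result_geom_table_1")) {
        printf("[%04d] [%d] %s\n", $offset, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!mysqli_query($link, sprintf("CREATE TABLE test_mysqli_stmt_get_result_geom_table_1(id INT, label %s, PRIMARY KEY(id)) ENGINE = %s", $sql_type, $engine))) {
        // don't bail - column type might not be supported by the server, ignore this
        return false;
    }

    for ($id = 1; $id < 4; $id++) {
        $sql = sprintf("INSERT INTO test_mysqli_stmt_get_result_geom_table_1(id, label) VALUES (%d, %s)", $id, $bind_value);
        if (!mysqli_query($link, $sql)) {
            // Reported but not fatal: the row count check at the end catches it.
            printf("[%04d] [%d] %s\n", $offset + 2 + $id, mysqli_errno($link), mysqli_error($link));
        }
    }

    if (!($stmt = mysqli_stmt_init($link))) {
        printf("[%04d] [%d] %s\n", $offset + 6, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!mysqli_stmt_prepare($stmt, "SELECT id, label FROM test_mysqli_stmt_get_result_geom_table_1")) {
        printf("[%04d] [%d] %s\n", $offset + 7, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }

    if (!mysqli_stmt_execute($stmt)) {
        printf("[%04d] [%d] %s\n", $offset + 8, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }

    if (!($res = mysqli_stmt_get_result($stmt))) {
        printf("[%04d] [%d] %s\n", $offset + 9, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return false;
    }

    // The metadata result is freed as soon as the field list is taken (the
    // original leaked it) and a missing result no longer reaches
    // mysqli_fetch_fields().
    $result = mysqli_stmt_result_metadata($stmt);
    $fields = $result ? mysqli_fetch_fields($result) : array();
    if ($result) {
        mysqli_free_result($result);
    }
    // -1 stands for "no metadata for the label column"; it is not a MySQL type id.
    $label_type = isset($fields[1]) ? $fields[1]->type : -1;
    if ($label_type != MYSQLI_TYPE_GEOMETRY) {
        printf("[%04d] [%d] %s wrong type %d\n", $offset + 10, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), $label_type);
    }

    $num = 0;
    while ($row = mysqli_fetch_assoc($res)) {
        if (!_func_mysqli_stmt_get_result_geom_roundtrip($link, $row, $offset)) {
            // Release the outer result and statement; the original returned
            // from inside the loop without doing so.
            mysqli_free_result($res);
            mysqli_stmt_close($stmt);
            return false;
        }
        $num++;
    }

    if ($num != 3) {
        printf("[%04d] [%d] %s, expecting 3 results, got only %d results\n", $offset + 18, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt), $num);
        mysqli_free_result($res);
        mysqli_stmt_close($stmt);
        return false;
    }

    mysqli_free_result($res);
    mysqli_stmt_close($stmt);
    return true;
}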
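/**
 * Runs a query and returns its rows.
 *
 * When $params is non-empty the SQL is executed as a prepared statement and
 * every parameter is bound as a string ('s'). Without $params the SQL text is
 * sent to the server verbatim, so that path must never receive text built from
 * untrusted input; use placeholders and $params instead.
 *
 * If a DataModel is passed in, the rows are returned as a DataModelIterator
 * of populated DataModel objects; otherwise as a list of associative arrays.
 *
 * @param string    $sql    SQL text, with ? placeholders when $params is given
 * @param array     $params values for the placeholders, in placeholder order
 * @param DataModel $o      model object handed to populate() for every row
 * @throws Exception when the statement cannot be prepared, bound or executed
 * @return mixed array or DataModelIterator
 */
public function query($sql, $params = null, DataModel $o = null)
{
    $results = array();

    if (!$params) {
        // A failed query yields an empty result here, as before.
        if ($result = $this->conn->query($sql)) {
            // query() returns true for statements without a result set.
            if ($result !== true) {
                while ($row = $result->fetch_assoc()) {
                    $results[] = $row;
                }
                $result->close();
            }
        }
    } else {
        if (!($stmt = $this->conn->prepare($sql))) {
            throw new Exception('Please check your sql statement : unable to prepare');
        }

        // bind_param() takes its values by reference. The list is rebuilt with
        // numeric keys: string keys in $params would otherwise be read as named
        // arguments by call_user_func_array() on PHP 8.
        $bind_args = array(str_repeat('s', count($params)));
        foreach ($params as &$param) {
            $bind_args[] =& $param;
        }
        unset($param);

        if (!call_user_func_array(array($stmt, 'bind_param'), $bind_args)) {
            $message = mysqli_stmt_error($stmt);
            mysqli_stmt_close($stmt);
            throw new Exception($message);
        }

        if ($stmt->execute() === false) {
            // Read the error before the statement handle is released.
            $message = mysqli_stmt_error($stmt);
            mysqli_stmt_close($stmt);
            throw new Exception($message);
        }

        // Statements without a result set (INSERT, UPDATE, ...) have no metadata.
        $meta = $stmt->result_metadata();
        if ($meta) {
            // Columns are bound into one dedicated array. The original bound
            // them to variables named after the columns, so a column called
            // e.g. "stmt" or "results" overwrote this method's own locals.
            $row = array();
            $bind_result = array();
            while ($field = mysqli_fetch_field($meta)) {
                $row[$field->name] = null;
                $bind_result[] =& $row[$field->name];
            }
            mysqli_free_result($meta);

            call_user_func_array(array($stmt, 'bind_result'), $bind_result);

            while (mysqli_stmt_fetch($stmt)) {
                // Copy value by value: assigning $row as a whole would carry
                // the references along and every stored row would change with
                // the next fetch.
                $copy = array();
                foreach ($row as $key => $val) {
                    $copy[$key] = $val;
                }
                $results[] = $copy;
            }
        }
        mysqli_stmt_close($stmt);
    }

    if ($o) {
        // populate referenced data model object
        $dmc = new DataModelIterator();
        foreach ($results as $rec) {
            $dmc->add($this->populate($o, $rec));
        }
        return $dmc;
    }

    // return as associative array
    return $results;
}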
// Creates a stored procedure with one IN and one OUT parameter, calls it
// through a prepared statement and reports every step that does not behave
// as expected. $link is the connection opened earlier in the script.
$created = mysqli_real_query($link, 'CREATE PROCEDURE p(IN ver_in VARCHAR(25), OUT ver_out VARCHAR(25)) BEGIN SELECT ver_in INTO ver_out; END;');

if (!$created) {
    printf("[004] Cannot create SP, [%d] %s.\n", mysqli_errno($link), mysqli_error($link));
} else {
    $call = mysqli_prepare($link, 'CALL p(?, ?)');
    if (!$call) {
        printf("[005] Cannot prepare CALL, [%d] %s\n", mysqli_errno($link), mysqli_error($link));
    }

    // Both procedure arguments are bound as strings.
    $in = 'myversion';
    $out = '';
    if (!mysqli_stmt_bind_param($call, 'ss', $in, $out)) {
        printf("[006] Cannot bind parameter, [%d] %s\n", mysqli_stmt_errno($call), mysqli_stmt_error($call));
    }

    if (!mysqli_stmt_execute($call)) {
        printf("[007] Cannot execute CALL, [%d] %s\n", mysqli_stmt_errno($call), mysqli_stmt_error($call));
    }

    // The state of the connection's result queue is printed, not asserted.
    $more = mysqli_more_results($link) ? "yes" : "no";
    printf("[008] More results: %s\n", $more);
    $next = mysqli_next_result($link) ? "yes" : "no";
    printf("[009] Next results: %s\n", $next);

    if (!mysqli_stmt_bind_result($call, $out) || !mysqli_stmt_fetch($call)) {
        printf("[010] [%d] %s\n", mysqli_stmt_errno($call), mysqli_stmt_error($call));
    }

    if ($out !== "myversion") {
        printf("[011] Results seem wrong got '%s'\n", $out);
    }

    if (!mysqli_stmt_close($call)) {
        printf("[012] Cannot close statement, [%d] %s\n", mysqli_stmt_errno($call), mysqli_stmt_error($call));
    }

    // A plain query afterwards shows whether the connection is still usable.
    $probe = $link->query("SELECT 1");
    if (!$probe) {
        printf("[013] [%d] %s\n", $link->errno, $link->error);
    }
}

mysqli_close($link);
print "done!";
// Excerpt from inside a loop (its header is not part of this excerpt, the
// `break` statements leave it): runs the prepared insert, reads the row back
// and compares it with what was written.
if (!mysqli_stmt_execute($stmt_ins)) {
    printf("[008 - %d] [%d] %s\n", $bits, mysqli_stmt_errno($stmt_ins), mysqli_stmt_error($stmt_ins));
    break;
}
// NOTE(review): $value is formatted into the SQL text with %s and the text is
// then prepared, so the prepared statement gives no protection for it. Where
// $value comes from is not visible here - confirm it is generated by the test.
$sql = sprintf("SELECT id, BIN(bit_value) AS _bin, bit_value, bit_value + 0 AS _bit_value0, bit_null FROM test WHERE id = %s", $value);
if (!mysqli_stmt_prepare($stmt_sel, $sql) || !mysqli_stmt_execute($stmt_sel)) {
    printf("[009 - %d] [%d] %s\n", $bits, mysqli_stmt_errno($stmt_sel), mysqli_stmt_error($stmt_sel));
    break;
}
// -1 in every slot marks "not written by the fetch".
$row = array('id' => -1, '_bin' => -1, 'bit_value' => -1, '_bit_value0' => -1, 'bit_null' => -1);
if (!mysqli_stmt_bind_result($stmt_sel, $row['id'], $row['_bin'], $row['bit_value'], $row['_bit_value0'], $row['bit_null'])) {
    printf("[010 - %d] [%d] %s\n", $bits, mysqli_stmt_errno($stmt_sel), mysqli_stmt_error($stmt_sel));
    break;
}
if (!($ret = mysqli_stmt_fetch($stmt_sel))) {
    // NOTE(review): the last two arguments both call mysqli_errno($link_sel)
    // although the format ends in "[%d] %s"; the second one presumably should
    // be mysqli_error($link_sel).
    printf("[011 - %d] mysqli_stmt_fetch() has failed for %d bits - ret = %s/%s, [%d] %s, [%d] %s\n", $bits, $bits, gettype($ret), $ret, mysqli_stmt_errno($stmt_sel), mysqli_stmt_error($stmt_sel), mysqli_errno($link_sel), mysqli_errno($link_sel));
    break;
}
// && binds tighter than ||: the id must match, and _bin must equal $bin or $bin2.
if ($value != $row['id'] || $bin != $row['_bin'] && $bin2 != $row['_bin']) {
    debug_zval_dump($row);
    printf("[012 - %d] Insert of %s in BIT(%d) column might have failed. id = %s, bin = %s (%s/%s)\n", $bits, $value, $bits, $row['id'], $row['_bin'], $bin, $bin2);
    break;
}
if ($value != $row['bit_value']) {
    debug_zval_dump($row);
    printf("[013 - %d] Expecting %s got %s\n", $bits, $value, $row['bit_value']);
    break;
}
if (null !== $row['bit_null']) {
    debug_zval_dump($row);
    // NOTE(review): the check is on bit_null but the message prints bit_value.
    printf("[014 - %d] Expecting null got %s/%s\n", $bits, gettype($row['bit_value']), $row['bit_value']);
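/**
 * Execute a prepared query statement helper method.
 *
 * Two paths are handled. When $this->statement is not an object, the statement
 * is run with an SQL "EXECUTE ... USING" and every value is first quoted and
 * stored in a server-side user variable. When it is an object, values are
 * bound with mysqli_stmt_bind_param() and LOBs are streamed with
 * mysqli_stmt_send_long_data().
 *
 * A LOB value given as a string of the form "scheme://..." is opened as a
 * stream only when the 'lob_allow_url_include' option is set, on both paths.
 * Otherwise such a string is stored as literal data. Bound values usually
 * originate from application input, and opening them as URLs or local files
 * would let that input choose what the server-side process reads.
 *
 * @param mixed $result_class string which specifies which result class to use
 * @param mixed $result_wrap_class string which specifies which class to wrap results in
 *
 * @return mixed MDB2_Result or integer (affected rows) on success,
 *               a MDB2 error on failure
 * @access private
 */
function _execute($result_class = true, $result_wrap_class = false)
{
    if (null === $this->statement) {
        $result = parent::_execute($result_class, $result_wrap_class);
        return $result;
    }
    $this->db->last_query = $this->query;
    $this->db->debug($this->query, 'execute', array('is_manip' => $this->is_manip, 'when' => 'pre', 'parameters' => $this->values));
    if ($this->db->getOption('disable_query')) {
        $result = $this->is_manip ? 0 : null;
        return $result;
    }

    $connection = $this->db->getConnection();
    if (PEAR::isError($connection)) {
        return $connection;
    }

    if (!is_object($this->statement)) {
        $query = 'EXECUTE ' . $this->statement;
    }
    if (!empty($this->positions)) {
        $paramReferences = array();
        $parameters = array(0 => $this->statement, 1 => '');
        $lobs = array();
        $i = 0;
        foreach ($this->positions as $parameter) {
            if (!array_key_exists($parameter, $this->values)) {
                return $this->db->raiseError(MDB2_ERROR_NOT_FOUND, null, null, 'Unable to bind to missing placeholder: ' . $parameter, __FUNCTION__);
            }
            $value = $this->values[$parameter];
            $type = array_key_exists($parameter, $this->types) ? $this->types[$parameter] : null;
            if (!is_object($this->statement)) {
                // Reset per parameter: the flag was never initialised, so a
                // caller-owned resource following a URL value was closed too.
                $close = false;
                // Parenthesised on purpose. Without the inner parentheses &&
                // bound only to the 'blob' test and a 'clob' string was opened
                // as a URL even with lob_allow_url_include switched off.
                if (is_resource($value) || (($type == 'clob' || $type == 'blob') && $this->db->options['lob_allow_url_include'])) {
                    if (!is_resource($value) && preg_match('/^(\\w+:\\/\\/)(.*)$/', $value, $match)) {
                        if ($match[1] == 'file://') {
                            $value = $match[2];
                        }
                        $value = @fopen($value, 'r');
                        $close = true;
                    }
                    if (is_resource($value)) {
                        $data = '';
                        while (!@feof($value)) {
                            $data .= @fread($value, $this->db->options['lob_buffer_length']);
                        }
                        if ($close) {
                            @fclose($value);
                        }
                        $value = $data;
                    }
                }
                $quoted = $this->db->quote($value, $type);
                if (PEAR::isError($quoted)) {
                    return $quoted;
                }
                $param_query = 'SET @' . $parameter . ' = ' . $quoted;
                $result = $this->db->_doQuery($param_query, true, $connection);
                if (PEAR::isError($result)) {
                    return $result;
                }
            } else {
                if (is_resource($value) || $type == 'clob' || $type == 'blob') {
                    $paramReferences[$i] = null;
                    // mysqli_stmt_bind_param() requires parameters to be passed by reference
                    $parameters[] =& $paramReferences[$i];
                    $parameters[1] .= 'b';
                    // The data itself is sent after binding, see the LOB loop below.
                    $lobs[$i] = $parameter;
                } else {
                    $paramReferences[$i] = $this->db->quote($value, $type, false);
                    if (PEAR::isError($paramReferences[$i])) {
                        return $paramReferences[$i];
                    }
                    // mysqli_stmt_bind_param() requires parameters to be passed by reference
                    $parameters[] =& $paramReferences[$i];
                    $parameters[1] .= $this->db->datatype->mapPrepareDatatype($type);
                }
                ++$i;
            }
        }

        if (!is_object($this->statement)) {
            $query .= ' USING @' . implode(', @', array_values($this->positions));
        } else {
            $result = call_user_func_array('mysqli_stmt_bind_param', $parameters);
            if (false === $result) {
                $err = $this->db->raiseError(null, null, null, 'Unable to bind parameters', __FUNCTION__);
                return $err;
            }

            foreach ($lobs as $i => $parameter) {
                $value = $this->values[$parameter];
                $close = false;
                if (!is_resource($value)) {
                    $close = true;
                    // Same gate as on the emulated path: a string is treated
                    // as a URL or file name only when the option allows it.
                    if ($this->db->options['lob_allow_url_include'] && preg_match('/^(\\w+:\\/\\/)(.*)$/', $value, $match)) {
                        if ($match[1] == 'file://') {
                            $value = $match[2];
                        }
                        $value = @fopen($value, 'r');
                    } else {
                        $fp = @tmpfile();
                        if (is_resource($fp)) {
                            @fwrite($fp, $value);
                            @rewind($fp);
                        }
                        $value = $fp;
                    }
                    // A failed fopen()/tmpfile() yields false, and the read
                    // loop below would never reach end-of-file on it.
                    if (!is_resource($value)) {
                        $err = $this->db->raiseError(null, null, null, 'Unable to open LOB source', __FUNCTION__);
                        return $err;
                    }
                }
                while (!@feof($value)) {
                    $data = @fread($value, $this->db->options['lob_buffer_length']);
                    @mysqli_stmt_send_long_data($this->statement, $i, $data);
                }
                if ($close) {
                    @fclose($value);
                }
            }
        }
    }

    if (!is_object($this->statement)) {
        $result = $this->db->_doQuery($query, $this->is_manip, $connection);
        if (PEAR::isError($result)) {
            return $result;
        }

        if ($this->is_manip) {
            $affected_rows = $this->db->_affectedRows($connection, $result);
            return $affected_rows;
        }

        $result = $this->db->_wrapResult($result, $this->result_types, $result_class, $result_wrap_class, $this->limit, $this->offset);
    } else {
        if (!mysqli_stmt_execute($this->statement)) {
            // The leftover debugging code that stood here printed the
            // statement and the server's error text to the response and then
            // called exit, so the error return was never reached.
            $err = $this->db->raiseError(null, null, null, 'Unable to execute statement', __FUNCTION__);
            return $err;
        }

        if ($this->is_manip) {
            $affected_rows = @mysqli_stmt_affected_rows($this->statement);
            return $affected_rows;
        }

        if ($this->db->options['result_buffering']) {
            @mysqli_stmt_store_result($this->statement);
        }

        $result = $this->db->_wrapResult($this->statement, $this->result_types, $result_class, $result_wrap_class, $this->limit, $this->offset);
    }

    $this->db->debug($this->query, 'execute', array('is_manip' => $this->is_manip, 'when' => 'post', 'result' => $result));
    return $result;
}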
// Excerpt: tail of a test script. The first statement below is the body of an
// `if` whose condition lies outside this excerpt.
printf("[019] Expecting object/mysqli_result got %s/%s, [%d] %s\n", gettype($res), $res, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
// Bound variables must stay untouched when rows are read from the result
// object ($res) instead of through mysqli_stmt_fetch().
$id = $label = null;
if (!mysqli_stmt_bind_result($stmt, $id, $label)) {
    printf("[020] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
$row = mysqli_fetch_assoc($res);
if (NULL !== $id || NULL !== $label) {
    printf("[021] Bound variables should not have been set\n");
}
mysqli_free_result($res);
mysqli_stmt_close($stmt);
// Second statement: checks the class and the type of the returned result object.
if (!($stmt = mysqli_stmt_init($link)) || !mysqli_stmt_prepare($stmt, "SELECT id, label FROM test ORDER BY id ASC LIMIT 2") || !mysqli_stmt_execute($stmt)) {
    printf("[022] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (!is_object($res = mysqli_stmt_get_result($stmt)) || 'mysqli_result' != get_class($res)) {
    printf("[023] Expecting object/mysqli_result got %s/%s, [%d] %s\n", gettype($res), $res, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (!in_array($res->type, array(MYSQLI_STORE_RESULT, MYSQLI_USE_RESULT))) {
    printf("[024] Unknown result set type %s\n", $res->type);
}
// The result is expected to be buffered (MYSQLI_STORE_RESULT).
if ($res->type !== MYSQLI_STORE_RESULT) {
    printf("[025] Expecting int/%d got %s/%s", MYSQLI_STORE_RESULT, gettype($res->type), $res->type);
}
mysqli_free_result($res);
mysqli_stmt_close($stmt);
mysqli_close($link);
// Deliberate call on a statement that was closed above: the test expects NULL.
// NOTE(review): the prefix "[022]" is used a second time here.
if (NULL !== ($res = mysqli_stmt_get_result($stmt))) {
    printf("[022] Expecting NULL got %s/%s\n", gettype($res), $res);
}
print "done!";
// Excerpt from the middle of a page script: builds the FAQ entries as HTML
// strings in $list, then prepares URL, session token and language.
// NOTE(review): $q is concatenated into the markup without escaping and $a is
// passed through html_entity_decode(), which turns stored entities back into
// live markup. Where $q and $a are bound is outside this excerpt; if any of
// that text can be edited by users, it has to be escaped for the HTML context
// (or reduced to an allow-list of tags) before it is output.
$list[] = "<hr><div class='row'><div class='col-md-8 question'>" . $q . "</div><div class='col-md-4'><div class='row'><div class='col-md-9'><div class='razorate' data-average='" . $r . "' data-id='" . $id * 3823 . "'></div></div><div class='col-md-3'><input type='submit' class='btn btn-success faqrate' onclick='javascript:return false;' value='Rate'/></div></div></div><div class='row'><div class='col-md-12'>" . html_entity_decode($a) . "</div></div></div>";
// NOTE(review): multiplying the id by a constant is reversible by anyone who
// sees two values; the handler receiving data-id must check the id itself.
}
} else {
while (mysqli_stmt_fetch($stmt)) {
// Variant without the rating widget; the same output-encoding note applies.
$list[] = "<hr><div class='row'><div class='col-md-8 question'>" . $q . "</div><div class='row'><div class='col-md-offset-8 col-md-4 reqlogin'><p>To rate this answer, please <a href='../index.php'>Log In or Register</a></div></div></div><div class='row'><div class='col-md-12'>" . html_entity_decode($a) . "</div></div>";
}
}
}
} else {
$error = mysqli_stmt_error($stmt);
}
} else {
$error = mysqli_stmt_error($stmt);
}
} else {
$error = mysqli_stmt_error($stmt);
}
// NOTE(review): $error holds the raw database error text; how it is shown is
// not visible here. It should be logged rather than sent to the browser.
$mysqli->close();
// Site base URL: two directory levels above the current page, query string cut off.
$siteurl = dirname(dirname(curPageURL()));
$siteurl = explode('?', $siteurl);
$siteurl = $siteurl[0];
// One token per session, created on first use. random_token() is defined
// elsewhere; presumably this is an anti-CSRF token - confirm that it is drawn
// from a cryptographically secure source and that 7 is long enough.
if (!isset($_SESSION['token']['act'])) {
$_SESSION['token']['act'] = random_token(7);
}
require_once '../php/translator/class.translation.php';
if (isset($setting[11]) && $setting[11] == 0 && isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
// The first two bytes of a client-controlled header become part of a file
// path. is_file() falls back to 'en' when no such CSV exists.
// NOTE(review): comparing against a fixed list of supported language codes
// would be stricter than probing the filesystem with header bytes.
$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
if (!is_file('../php/translator/lang/' . $lang . '.csv')) {
$lang = 'en';
}
} else {
}
// Excerpt: tail of a test script for mysqli_stmt_field_count(). The closing
// brace above belongs to a block that starts outside this excerpt.
$label = null;
// Binding a parameter is expected to fail at this point.
if (mysqli_stmt_bind_param($stmt, "s", $label)) {
    printf("[014] expected error - got ok\n");
}
// While rows are fetched the statement reports one result column.
while (mysqli_stmt_fetch($stmt)) {
    if (1 !== ($tmp = mysqli_stmt_field_count($stmt))) {
        printf("[015] Expecting int/1, got %s/%s\n", gettype($tmp), $tmp);
    }
}
// Statements without a result set must report 0 columns.
if (!mysqli_stmt_prepare($stmt, 'INSERT INTO test(id) VALUES (100)')) {
    printf("[016] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (0 !== ($tmp = mysqli_stmt_field_count($stmt))) {
    printf("[017] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp);
}
if (!mysqli_stmt_prepare($stmt, "UPDATE test SET label = 'z' WHERE id = 1") || !mysqli_stmt_execute($stmt)) {
    printf("[018] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (0 !== ($tmp = mysqli_stmt_field_count($stmt))) {
    printf("[019] Expecting int/0, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_stmt_close($stmt);
// Deliberate calls on the closed statement: prepare must fail and the field
// count is expected to be NULL.
if (mysqli_stmt_prepare($stmt, 'SELECT id FROM test')) {
    printf("[020] Prepare should fail, statement has been closed\n");
}
// NOTE(review): the prefix "[011]" is out of sequence after "[020]".
if (!is_null($tmp = mysqli_stmt_field_count($stmt))) {
    printf("[011] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_close($link);
print "done!";
/**
 * Counts the records that match the current query conditions.
 *
 * The statement text is assembled from $this->tableName,
 * $this->sqlStmt["groupBy"] and $this->sqlStmt["whereStmt"]; only the values
 * in $this->sqlStmt["bindParams"] are bound as parameters.
 * NOTE(review): identifiers cannot be bound, so the table name, the group-by
 * expression and the where text must come from trusted code - verify in the
 * methods that fill sqlStmt.
 *
 * @return integer number of records; stays 0 when the statement cannot be
 *                 prepared or executed (the error is passed to logError())
 */
public function getListLength()
{
    $count = 0;

    // With a group-by expression the distinct groups are counted, not the rows.
    if ($this->sqlStmt["groupBy"] === null) {
        $sql = "select count(*) from `{$this->tableName}`";
    } else {
        $sql = "select count(DISTINCT(" . $this->sqlStmt["groupBy"] . ")) from `{$this->tableName}`";
    }

    // query conditions
    if ($this->sqlStmt["whereStmt"]) {
        $sql = $sql . " where " . $this->sqlStmt["whereStmt"];
    }
    $this->lastSql = $sql;

    $stmt = mysqli_prepare($this->conn, $sql);
    if (!$stmt) {
        $this->logError(mysqli_error($this->conn));
        $this->degbugLog();
        return $count;
    }

    if ($this->sqlStmt["bindTypes"] && $this->sqlStmt["bindParams"]) {
        // bind_param() needs references, hence arr2Reference().
        $bindArgs = array_merge([$this->sqlStmt["bindTypes"]], $this->arr2Reference($this->sqlStmt["bindParams"]));
        call_user_func_array([$stmt, "bind_param"], $bindArgs);
    }

    if ($stmt->execute()) {
        // The single count column is written into $count by fetch().
        $stmt->bind_result($count);
        $stmt->fetch();
        $stmt->free_result();
    } else {
        $this->logError($stmt->error);
    }
    $stmt->close();

    $this->degbugLog();
    return $count;
}
// Excerpt from a test script for mysqli_stmt_fetch(): fetches one row, kills
// the connection's own server thread and fetches again.
if (!($stmt = mysqli_stmt_init($link))) {
    printf("[009] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
}
if (!mysqli_stmt_prepare($stmt, "SELECT id, label FROM test ORDER BY id LIMIT 2")) {
    printf("[010] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
if (!mysqli_stmt_execute($stmt)) {
    printf("[011] [%d] %s\n", mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
$id = NULL;
$label = NULL;
if (true !== ($tmp = mysqli_stmt_bind_result($stmt, $id, $label))) {
    printf("[012] Expecting boolean/true, got %s/%s\n", gettype($tmp), $tmp);
}
if (true !== ($tmp = mysqli_stmt_fetch($stmt))) {
    printf("[013] Expecting boolean/true, got %s/%s, [%d] %s\n", gettype($tmp), $tmp, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
}
// The connection kills its own thread; the test still expects the second row
// to be fetched afterwards.
if (!mysqli_kill($link, mysqli_thread_id($link))) {
    printf("[014] [%d] %s\n", mysqli_errno($link), mysqli_error($link));
}
if (true !== ($tmp = mysqli_stmt_fetch($stmt))) {
    printf("[015] Expecting boolean/true, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_stmt_close($stmt);
// Deliberate call on the closed statement: the test expects NULL.
if (NULL !== ($tmp = mysqli_stmt_fetch($stmt))) {
    printf("[016] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp);
}
mysqli_close($link);
/* Check that the function alias exists. It's a deprecated function, but its removal has not been announced so far, therefore we need to check for it */
if (!is_null($tmp = @mysqli_stmt_fetch())) {
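/**
 * Collects the field metadata of a result set into a comparable array.
 *
 * charsetnr and flags of the returned field objects are overwritten with
 * 'ignore' so that they do not take part in the comparison.
 *
 * @param mysqli_result $res         result set to inspect
 * @param int           $field_count value stored under 'field_count'
 *
 * @return array metadata in the key order the expected arrays are dumped in
 */
function _testStatementCollectMeta($res, $field_count)
{
    $meta = array(
        'num_fields' => mysqli_num_fields($res),
        'fetch_field' => mysqli_fetch_field($res),
        'fetch_field_direct0' => mysqli_fetch_field_direct($res, 0),
        'fetch_field_direct1' => @mysqli_fetch_field_direct($res, 1),
        'fetch_fields' => count(mysqli_fetch_fields($res)),
        'field_count' => $field_count,
        'field_seek-1' => @mysqli_field_seek($res, -1),
        'field_seek0' => mysqli_field_seek($res, 0),
        'field_tell' => mysqli_field_tell($res),
    );

    foreach (array('fetch_field', 'fetch_field_direct0', 'fetch_field_direct1') as $key) {
        if (is_object($meta[$key])) {
            $meta[$key]->charsetnr = 'ignore';
            $meta[$key]->flags = 'ignore';
        }
    }

    return $meta;
}

/**
 * Runs the metadata checks of testStatement() on a prepared statement.
 *
 * @return bool false (after printing a message) when a check fails
 */
function _testStatementVerify($offset, $link, $stmt, $sql, $expected_lib, $expected_mysqlnd, $check_mysqlnd, $compare)
{
    // The original read $res here without ever assigning it. The messages below
    // speak of metadata and the last check names mysqli_stmt_result_metadata(),
    // so that is where the value is taken from.
    $res = mysqli_stmt_result_metadata($stmt);
    // Stays null when no library metadata is expected (it was undefined before).
    $meta = null;

    if (empty($expected_lib) && false !== $res) {
        printf("[%04d - %s] No metadata expected\n", $offset + 1, $sql);
        return false;
    } else {
        if (!empty($expected_lib) && false == $res) {
            printf("[%04d - %s] Metadata expected\n", $offset + 2, $sql);
            return false;
        }
    }

    if (!empty($expected_lib)) {
        if (!is_object($res)) {
            printf("[%04d - %s] [%d] %s\n", $offset + 3, $sql, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }
        if (get_class($res) != 'mysqli_result') {
            printf("[%04d - %s] Expecting object/mysqli_result got object/%s\n", $offset + 4, $sql, get_class($res));
            return false;
        }

        $meta = _testStatementCollectMeta($res, $res->field_count);
        mysqli_free_result($res);

        if ($meta != $expected_lib) {
            printf("[%04d - %s] Metadata differs from expected values\n", $offset + 5, $sql);
            var_dump($meta);
            var_dump($expected_lib);
            return false;
        }
    }

    if (function_exists('mysqli_stmt_get_result')) {
        /* mysqlnd only */
        if (!mysqli_stmt_execute($stmt)) {
            printf("[%04d - %s] [%d] %s\n", $offset + 6, $sql, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }

        $res = mysqli_stmt_get_result($stmt);
        if (false === $res && !empty($expected_mysqlnd)) {
            printf("[%04d - %s] Expecting resultset [%d] %s\n", $offset + 7, $sql, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        } else {
            if (empty($expected_mysqlnd) && false !== $res) {
                printf("[%04d - %s] Unexpected resultset [%d] %s\n", $offset + 8, $sql, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
                return false;
            }
        }

        // NOTE(review): a statement that correctly returns no result set still
        // ends here with a failure, exactly as in the original - confirm intent.
        if (!is_object($res)) {
            printf("[%04d - %s] [%d] %s\n", $offset + 9, $sql, mysqli_stmt_errno($stmt), mysqli_stmt_error($stmt));
            return false;
        }
        if ('mysqli_result' != get_class($res)) {
            printf("[%04d - %s] Expecting object/mysqli_result got object/%s\n", $offset + 10, $sql, get_class($res));
            return false;
        }

        $meta_res = _testStatementCollectMeta($res, mysqli_field_count($link));

        if ($check_mysqlnd && $meta_res != $expected_mysqlnd) {
            printf("[%04d - %s] Metadata differs from expected\n", $offset + 11, $sql);
            var_dump($meta_res);
            var_dump($expected_mysqlnd);
        } else {
            if ($meta_res['field_count'] < 1) {
                printf("[%04d - %s] Metadata seems wrong, no fields?\n", $offset + 12, $sql);
                var_dump($meta_res);
                var_dump(mysqli_fetch_assoc($res));
            }
        }
        // Freed only now: the dump above still reads a row from $res, which
        // the original had already released at that point.
        mysqli_free_result($res);

        if ($compare && $meta_res != $meta) {
            printf("[%04d - %s] Metadata returned by mysqli_stmt_result_metadata() and mysqli_stmt_get_result() differ\n", $offset + 13, $sql);
            var_dump($meta_res);
            var_dump($meta);
        }
    }

    return true;
}

/**
 * Prepares $sql and compares the metadata reported for it with expectations.
 *
 * Metadata is read once from mysqli_stmt_result_metadata() and, where
 * mysqli_stmt_get_result() exists, once more from the executed statement.
 *
 * @param int    $offset           base number used in the "[NNNN - sql]" prefixes
 * @param mysqli $link             open connection
 * @param string $sql              statement text to prepare
 * @param array  $expected_lib     expected metadata; empty when none is expected
 * @param array  $expected_mysqlnd expected metadata from mysqli_stmt_get_result()
 * @param bool   $check_mysqlnd    whether to compare against $expected_mysqlnd
 * @param bool   $compare          whether both metadata sets must be equal
 *
 * @return bool true when the checks pass or the statement cannot be prepared,
 *              false when a check fails
 */
function testStatement($offset, $link, $sql, $expected_lib, $expected_mysqlnd, $check_mysqlnd, $compare)
{
    if (!($stmt = mysqli_stmt_init($link))) {
        printf("[%04d - %s] [%d] %s\n", $offset, $sql, mysqli_errno($link), mysqli_error($link));
        return false;
    }

    if (!@mysqli_stmt_prepare($stmt, $sql)) {
        /* Not all server versions will support all statements */
        /* Failing to prepare is OK */
        return true;
    }

    // The statement is closed on every path after a successful prepare; the
    // original closed it only when all checks had passed.
    $ok = _testStatementVerify($offset, $link, $stmt, $sql, $expected_lib, $expected_mysqlnd, $check_mysqlnd, $compare);
    mysqli_stmt_close($stmt);
    return $ok;
}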