mysqli::execute_query

mysqli_execute_query

(PHP 8 >= 8.2.0)

mysqli::execute_query -- mysqli_execute_query — Prepares, binds parameters, and executes SQL statement

说明

面向对象风格

public function mysqli::execute_query(string $query, ?array $params = null): mysqli_result|bool

过程化风格

function mysqli_execute_query(mysqli $mysql, string $query, ?array $params = null): mysqli_result|bool

Prepares the SQL query, binds parameters, and executes it. The mysqli::execute_query() method is a shortcut for mysqli::prepare(), mysqli_stmt::bind_param(), mysqli_stmt::execute(), and mysqli_stmt::get_result().

The statement template can contain zero or more question mark (?) parameter markers⁠—also called placeholders. The parameter values must be provided as an array using params parameter.

A prepared statement is created under the hood but it's never exposed outside of the function. It's impossible to access properties of the statement as one would do with the mysqli_stmt object. Due to this limitation, the status information is copied to the mysqli object and is available using its methods, e.g. mysqli_affected_rows() or mysqli_error().

注意:
In the case where a statement is passed to mysqli_execute_query() that is longer than max_allowed_packet of the server, the returned error codes are different depending on the operating system. The behavior is as follows:

On Linux returns an error code of 1153. The error message means got a packet bigger than max_allowed_packet bytes.

On Windows returns an error code 2006. This error message means server has gone away.

参数

mysql

仅以过程化样式：由 mysqli_connect() 或 mysqli_init() 返回的 mysqli 对象。

query

The query, as a string. It must consist of a single SQL statement.

The SQL statement may contain zero or more parameter markers represented by question mark (?) characters at the appropriate positions.

注意:
The markers are legal only in certain places in SQL statements. For example, they are permitted in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not permitted for identifiers (such as table or column names).

params

An optional list array with as many elements as there are bound parameters in the SQL statement being executed. Each value is treated as a string.

返回值

Returns false on failure. For successful queries which produce a result set, such as SELECT, SHOW, DESCRIBE or EXPLAIN, returns a mysqli_result object. For other successful queries, returns true.

示例

示例 #1 mysqli::execute_query() example

面向对象风格

<?php

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'world');

$query = 'SELECT Name, District FROM City WHERE CountryCode=? ORDER BY Name LIMIT 5';
$result = $mysqli->execute_query($query, ['DEU']);
foreach ($result as $row) {
    printf("%s (%s)\n", $row["Name"], $row["District"]);
}

过程化风格

<?php

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$link = mysqli_connect("localhost", "my_user", "my_password", "world");

$query = 'SELECT Name, District FROM City WHERE CountryCode=? ORDER BY Name LIMIT 5';
$result = mysqli_execute_query($link, $query, ['DEU']);
foreach ($result as $row) {
    printf("%s (%s)\n", $row["Name"], $row["District"]);
}

以上示例的输出类似于：

Aachen (Nordrhein-Westfalen)
Augsburg (Baijeri)
Bergisch Gladbach (Nordrhein-Westfalen)
Berlin (Berliini)
Bielefeld (Nordrhein-Westfalen)

参见

mysqli_prepare() - 预处理执行 SQL
mysqli_stmt_execute() - Executes a prepared statement
mysqli_stmt_bind_param() - Binds variables to a prepared statement as parameters
mysqli_stmt_get_result() - Gets a result set from a prepared statement as a mysqli_result object

发现了问题？

了解如何改进此页面 • 提交拉取请求 • 报告一个错误

＋添加备注

用户贡献的备注 1 note

down

theking2(at)king(dot).co. ¶

2 years ago

A function to call a stored procedure with an arbitrary number of IN parameters and one OUT parameter, for instance returning affected row count. The return value of yhe function is this value.

<?php

/**
 * call_sp Call the specified stored procedure with the given parameters.
 * The first parameter is the name of the stored procedure.
 * The remaining parameters are the (in) parameters to the stored procedure.
 * the last (out) parameter should be an int, like state or number of affected rows.
 *
 * @param  mixed $sp_name The name of the stored procedure to call.
 * @param  mixed $params The parameters to pass to the stored procedure.
 * @return int The number of affected rows.
 */
function call_sp( \mysqli $db, string $sp_name, ...$params ): int
{
  $sql = "CALL $sp_name( ";
  $sql .= implode( ", ", array_fill( 0, count( $params ), "?" ) );
  $sql .= ", @__affected );";

  $result   = $db->execute_query( $sql, $params );
  $result   = $db->query( "select @__affected;" );
  $affected = (int) $result->fetch_column( 0 );
  return $affected;
}