Mysql 已被弃用。我在 mysql 中有一段代码,我想将其转换为 mysqli,但没有成功。
代码可以工作,但我收到错误消息“mysql 扩展已弃用,将来将被删除:改用 mysqli 或 PDO”
这是初始代码:
$connection = mysql_connect('host','root','password') or die ("Couldn't connect to server.");
$db = mysql_select_db('database_name', $connection) or die ("Couldn't select database.");
$result = mysql_query("SELECT * FROM customers WHERE cust_number ='$Cust_Number' ");
if( mysql_num_rows($result) > 0) {
mysql_query("UPDATE `customers` SET cust_name='$Cust_Name', cust_phone='$Cust_Phone', cust_phone1='$Cust_Phone1', cust_email='$Cust_Email', cust_address='$Cust_Address' ");
}
else
{
mysql_query("INSERT INTO customers (cust_number, cust_name, cust_phone, cust_phone1, cust_email, cust_address) VALUES ('$Cust_Number', '$Cust_Name', '$Cust_Phone', '$Cust_Phone1', '$Cust_Email', '$Cust_Address') ");
}
我尝试了以下转换:
$connection = mysqli_connect('host','root','password') or die ("Couldn't connect to server.");
$db = mysqli_select_db($connection,'database_name') or die ("Couldn't select database.");
if( mysqli_num_rows($result) > 0) {
mysqli_query($connections,"UPDATE `customers` SET cust_name='$Cust_Name', cust_phone='$Cust_Phone', cust_phone1='$Cust_Phone1', cust_email='$Cust_Email', cust_address='$Cust_Address' ");
}
else
{
mysqli_query($connections,"INSERT INTO customers (cust_number, cust_name, cust_phone, cust_phone1, cust_email, cust_address) VALUES ('$Cust_Number', '$Cust_Name', '$Cust_Phone', '$Cust_Phone1', '$Cust_Email', '$Cust_Address') ");
}
但是这不起作用。
有人可以帮我转换 mysqli 或 PDO 中的初始代码吗?
最佳答案
您的mysqli_query()
调用$connections
,而您的连接是$connection
——这就是您的代码失败的原因。
但是,值得注意的是,就目前情况而言,您的代码很容易受到 SQL injection 的攻击。 。为了避免这种情况,您需要使用 prepared statements (MySQL 连接器不存在的东西)。
这可以通过以下方式完成:
$connection = mysqli_connect('host','root','password') or die ("Couldn't connect to server.");
$db = mysqli_select_db($connection,'database_name') or die ("Couldn't select database.");
if (mysqli_num_rows($result) > 0) {
$stmt = $this->mysqli->prepare("UPDATE `customers` SET cust_name='?', cust_phone='?', cust_phone1='?', cust_email='?', cust_address='?'");
$stmt->bind_param('sssss', $Cust_Name, $Cust_Phone, $Cust_Phone1, $Cust_Email, $Cust_Address);
$stmt->execute();
}
else
{
$stmt = $this->mysqli->prepare("INSERT INTO customers (cust_number, cust_name, cust_phone, cust_phone1, cust_email, cust_address) VALUES ('?', '?', '?', '?', '?', '?') ");
$stmt->bind_param('ssssss', $Cust_Number, $Cust_Name, $Cust_Phone, $Cust_Phone1, $Cust_Email, $Cust_Address);
$stmt->execute();
}
关于php - mysql 到 msqli 的转换,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56678666/