0

我开始使用mysqli_*函数而不是 PHP 中的旧mysql_*函数,但这段代码有点问题:

public function addUser($table, $code = false, $rows = false) {
   if (!$code) {
      header("Location: " . $this->authenticate());
   } else {
      $this->getToken($code);
   }
   $user = $this->getEndpoint('users/current', false, true);
   $user = $user->response->user;
   if (!$rows)
        $rows = array(
            "remote_id" => $user->id,
            "firstName" => $user->first_name,
            "lastName" => $user->last_name,
            "photo" => $user->photo->medium,
            "gender" => $user->gender == 'male' ? 1 : 2,
            "email" => $user->contact->email,
        );
   $rows['access_token'] = $this->accessToken;
   $stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = '{$this->accessToken}'"); //line 136
   $stmt->execute(); //line 137
}

代码返回以下 2 个错误:

警告:mysqli::prepare(): Couldn't fetch MySQL in C:\Users\Grega\Server\application\inc\classes\APIConnect.php on line 136

致命错误:在第 137 行的 C:\Users\Grega\Server\application\inc\classes\APIConnect.php 中的非对象上调用成员函数 execute()

“无法获取 MySQL”的原因是什么?数据库连接是正确的,它在其他类中工作,并且查询返回一个有效的结果,如果我回显它并在 phpMyAdmin 中执行它。另外,我的变量名为mysqlNOT mysqli

4

1 回答 1

1

您应该阅读更多关于 MYSQL 与 MYSQLi 之间的区别。

虽然您的代码是:

$stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = '{$this->accessToken}'");

你应该这样做:

$stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = ?");
$stmt->bind_param("s" , $this->accessToken ); //Used 's' as I guess that the accessToken is a string

binding部分是事物的关键部分prepare。(您的查询是安全的)

之后,您可以使用$stmt->execute();get_result()

于 2012-10-13T13:01:50.840 回答