-1

一整天都在这里打我的头。我第一次尝试防止代码中的 SQL 注入,所以我使用了准备好的语句,当我循环结果时,我的输出是空白的,但由于它是一个表,所有单元格都在那里,只是没有数据。我的代码:include_once("../includes/connect.php");

$query = "SELECT * FROM `boards` WHERE `team_id` = ? ORDER BY name ASC";
$stmt = $con->prepare($query);
$stmt->bind_param("s", $board);
$stmt->execute();



echo "<table border='1' class='table table-bordered'>

<tr>
<th>Name</th>
<th>In/Out</th>
<th>Note</th>
</tr>";

while ($row = mysqli_stmt_fetch($stmt))

{
echo "<tr>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['inout'] . "</td>";
echo "<td>" . $row['note'] . "</td>";
echo "</tr>";
}
echo "</table>";
 //for troubleshooting
var_dump($stmt)

这就是它的样子:

http://i.stack.imgur.com/A1kKg.png

任何想法为什么数据没有填写?任何帮助是极大的赞赏!谢谢!

4

1 回答 1

0

您需要在调用之前绑定所有列,mysqli_stmt_fetch如此处手册中所述:http: //php.net/manual/en/mysqli-stmt.fetch.php

mysqli_stmt_bind_result($stmt, $name, $inout, $note);
while (mysqli_stmt_fetch($stmt))
{
  echo "<tr>";
  echo "<td>" . $name . "</td>";
  echo "<td>" . $inout . "</td>";
  echo "<td>" . $note . "</td>";
  echo "</tr>";
}
于 2013-08-06T01:39:06.647 回答