Using mysqli's prepared statement feature

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GB2312">
<!-- Page title: "Query remaining down-jacket stock" -->
<title> 查询剩余羽绒服信息 </title>

<!-- <script language = "javascript" src = "../js/goods_info_js.js"></script> -->
<link type = "text/css" rel = "stylesheet" href = "../css/goods_css.css">
</head>
<body onload = "javascript:goods_search_show()">
<form action = "http://localhost:8088/zzb/sole/php/goods_search_php.php" method = "post">
    <div>
        <div id = "goods_name">
            <!-- Label: "Brand to search for" -->
            输入要查询的品牌<input type = "text" name = "goods_name_input" />
        </div>
        <div id = "goods_number">
            <!-- Label: "Item number to search for" -->
            输入要查询的货号<input type = "text" name = "goods_number_input" />
        </div>

        <div>
            <!-- Button text: "OK" -->
            <input type = "submit" name = "goods_submit" value = "确定"/>
        </div>
    </div>
</form>


</body>
</html>

goods_search_php.php

<?php
include "D:\AppServ\www\zzb\sole\php\sql.init.php";

// Escape a value for HTML output. The charset matches the GB2312 declared by
// the form page; change it if your data uses another encoding.
function h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'GB2312');
}

// Debug dump of the submitted form, escaped so input is not rendered as markup.
echo '<pre>';
echo h(print_r($_POST, true));
echo '</pre>';
/*
mysql> desc goods_info;
+---------------+-------------+------+-----+---------+----------------+
| Field         | Type        | Null | Key | Default | Extra          |
+---------------+-------------+------+-----+---------+----------------+
| goods_id      | int(11)     | NO   | PRI | NULL    | auto_increment |
| goods_name    | varchar(30) | YES  |     | NULL    |                |
| goods_number  | varchar(10) | YES  |     | NULL    |                |
| goods_color   | varchar(10) | YES  |     | NULL    |                |
| goods_size    | varchar(10) | YES  |     | NULL    |                |
| goods_left    | int(11)     | YES  |     | NULL    |                |
| goods_date    | datetime    | YES  |     | NULL    |                |
| goods_comment | text        | YES  |     | NULL    |                |
+---------------+-------------+------+-----+---------+----------------+
*/

//$stmt = $link->stmt_init();
$sql = "select goods_name,goods_number, goods_color, goods_size, goods_left,goods_date,goods_comment from goods_info where goods_name=? and goods_number=?";
$stmt = $link->prepare($sql);
if ($stmt === false) {
    die("prepare failed");
}
$type = "ss"; // two string parameters
// Array keys must be quoted strings; bare words are undefined constants.
$stmt->bind_param($type, $_POST['goods_name_input'], $_POST['goods_number_input']);
$stmt->execute();
//$stmt->store_result(); // used for multiple query statements
$stmt->bind_result($goods_name, $goods_number, $goods_color, $goods_size, $goods_left, $goods_date, $goods_comment);

echo "<table align = 'center' border = '1'>";
// Column headers: brand, item number, color, size, quantity left, purchase date, notes
echo "<tr><th>衣服品牌</th><th>货号</th><th>颜色</th><th>大小</th><th>剩余数量</th><th>进货日期</th><th>备注</th></tr>";
while ($stmt->fetch()) {
    // Values come from the database, so escape them before writing them into HTML.
    echo "<tr>";
    echo "<th>" . h($goods_name) . "</th>";
    echo "<th>" . h($goods_number) . "</th>";
    echo "<th>" . h($goods_color) . "</th>";
    echo "<th>" . h($goods_size) . "</th>";
    echo "<th>" . h($goods_left) . "</th>";
    echo "<th>" . h($goods_date) . "</th>";
    echo "<th>" . h($goods_comment) . "</th>";
    echo "</tr>";
}
echo '</table>';

$stmt->close();
$link->close();
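
  1. Note how $stmt is obtained: it comes from $link->prepare($sql).
  2. Note the order of the three steps: bind the parameters, execute the statement, then bind the results.
  3. Note that the submitted form values can be passed straight into the parameter-binding call; they are bound as data and never become part of the SQL text.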
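
An added example (not the original author's code) that extends the query above to the case where only one of the two form fields is filled in, without falling back to string concatenation. `build_goods_query()` and `search_goods()` are hypothetical helper names; the table, columns and form fields are the ones on this page, and the sample input is constructed.

```php
<?php
// Added example (not the original author's code). build_goods_query() and
// search_goods() are hypothetical helpers; table and field names are the page's.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

function build_goods_query(array $post): array
{
    // Form field => column: a fixed allow-list, so input never names a column.
    $filters = ['goods_name_input' => 'goods_name', 'goods_number_input' => 'goods_number'];
    $where = [];
    $params = [];
    foreach ($filters as $field => $column) {
        $value = $post[$field] ?? '';
        if (!is_string($value)) { // goods_name_input[]=x would arrive as an array
            throw new InvalidArgumentException("$field must be a string");
        }
        if (trim($value) !== '') {
            $where[] = "$column = ?";   // only a placeholder enters the SQL text
            $params[] = trim($value);   // the value travels separately
        }
    }
    if (!$where) {
        throw new InvalidArgumentException('enter a brand or an item number');
    }
    $sql = 'select goods_name, goods_number, goods_color, goods_size, goods_left, '
         . 'goods_date, goods_comment from goods_info where ' . implode(' and ', $where);
    return [$sql, str_repeat('s', count($params)), $params];
}

function search_goods(mysqli $link, array $post): array
{
    [$sql, $types, $params] = build_goods_query($post);
    $stmt = $link->prepare($sql);           // 1. prepare
    $stmt->bind_param($types, ...$params);  // 2. bind input parameters
    $stmt->execute();                       // 3. execute
    $stmt->bind_result($name, $number, $color, $size, $left, $date, $comment); // 4. bind output
    $rows = [];
    while ($stmt->fetch()) {
        // Copy values out: the bound variables are overwritten on every fetch().
        $rows[] = [$name, $number, $color, $size, $left, $date, $comment];
    }
    $stmt->close();
    return $rows;
}

// Constructed input: the apostrophe stays in $params and never reaches the SQL text.
[$sql, $types, $params] = build_goods_query(['goods_name_input' => "O'Neill", 'goods_number_input' => '']);
echo $sql, "\n", $types, "\n", json_encode($params), "\n";
```

The rows returned by `search_goods()` still need HTML escaping when they are written into the result table.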

sql_init.php

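<?php
$link = new mysqli("localhost","root","a123","sole");
// "new" always yields an object, so "or die" never ran; test connect_error instead.
if ($link->connect_error) {
    die("连接失败!"); // "Connection failed!"
}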


