的mysqli ::准备（）：无法获取的MySQL

Question

我开始使用mysqli_*功能，而不是在PHP老mysql_*功能，和我有一个有点问题，这段代码：

public function addUser($table, $code = false, $rows = false) { 
    if (!$code) { 
     header("Location: " . $this->authenticate()); 
    } else { 
     $this->getToken($code); 
    } 
    $user = $this->getEndpoint('users/current', false, true); 
    $user = $user->response->user; 
    if (!$rows) 
     $rows = array(
      "remote_id" => $user->id, 
      "firstName" => $user->first_name, 
      "lastName" => $user->last_name, 
      "photo" => $user->photo->medium, 
      "gender" => $user->gender == 'male' ? 1 : 2, 
      "email" => $user->contact->email, 
     ); 
    $rows['access_token'] = $this->accessToken; 
    $stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = '{$this->accessToken}'"); //line 136 
    $stmt->execute(); //line 137 
} 

代码返回这2个错误：

Warning: mysqli::prepare(): Couldn't fetch MySQL in C:\Users\Grega\Server\application\inc\classes\APIConnect.php on line 136

Fatal error: Call to a member function execute() on a non-object in C:\Users\Grega\Server\application\inc\classes\APIConnect.php on line 137

'无法获取MySQL'的原因是什么？数据库连接是正确的，它在其他类中起作用，并且如果我在phpMyAdmin中执行它并执行它，查询将返回一个有效结果。另外，我的变量名为mysql不是mysqli！

Answer 1

您应该详细了解MYSQL与MYSQLi的区别。

当你的代码是：

$stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = '{$this->accessToken}'"); 

你应该做的是这样的：

$stmt = $this->mysql->prepare("SELECT id FROM users WHERE access_token = ?"); 
$stmt->bind_param("s" , $this->accessToken); //Used 's' as I guess that the accessToken is a string 

的binding部分的prepare事情的关键部分。 （您的查询是安全的）

之后，您可以使用$stmt->execute();和get_result()。