PHP和mysqli：使用预处理语句选择多个条件

Question

我正在使用mysqli在一个php文件中运行的数据库上运行InnoDB一些准备好的语句。在1号线以及以下错误附近? AND section_num = ? AND dept = ? AND semester = ? AND year = ?：

Call to a member function bind_param() on a non-object. 

大部分的语句都工作得很好，但我对此一直在我的select语句返回语法错误多个条件select语句，具体

这里的代码片段：

if (!$rs = $mysqli->query("SELECT id FROM courses WHERE course_num = ? AND section_num = ? AND dept = ? AND semester = ? AND year = ?")) { 
     echo "Select Query Failed!: (" . $mysqli->errno . ") ". $mysqli->error; 
    } 
    if(!$rs->bind_param("ssssi", mysqli_real_escape_string($mysqli,$course_num), mysqli_real_escape_string($mysqli,$section_num), 
     mysqli_real_escape_string($mysqli,$dept), mysqli_real_escape_string($mysqli,$semester), mysqli_real_escape_string($mysqli,$year))) { 
     echo "Select Binding parameters failed: (" . $rs->errno .") " . $rs->error; 
    } 
    if (!$rs->execute()) { 
     echo "Execute select failed: (" . $rs->errno . ") " . $rs->error; 
    } 

如何形成这个语句来检索基础上，4个输入ID任何建议将是巨大的。谢谢！

Answer 1

您应该使用prepare来准备一个陈述，而不是query，因为它只是执行一个查询。

Answer 2

$query = " 
SELECT id 
FROM courses 
WHERE 
course_num = ? AND section_num = ? AND dept = ? AND semester = ? AND year = ? 
"; 
$rs = $mysqli->prepare($query); 
$rs->bind_param("ssssi", $course_num, $section_num, $dept, $semester, $year); 
$rs->execute(); 

Answer 3

变化：$mysqli->query("SELECT id ... 为：$mysqli->prepare("SELECT id ...

Answer 4

这是非常简单的只是这样做

$query = "SELECT * FROM `$table_tran` WHERE `$mem_id` ='$member_id' and       $status` = '$cur_status'"; 
$result = mysqli_query($link,$query); 

它使用and语句的事务表获取数据。