php mysqli WHERE IN (?,?,? ...)

2021-12-25 00:00:00 php mysqli prepared-statement

根据http://us2.php.net/manual/en/mysqli-stmt.bind-param.php,不同的类型是:

i   corresponding variable has type integer
d   corresponding variable has type double
s   corresponding variable has type string
b   corresponding variable is a blob and will be sent in packets

但是,你怎么能处理这个:

However, how can you handle this:

->prepare("SELECT blabla FROM foo WHERE id IN (?)")

在哪里?将是一个 id 列表.可能有一项或多项:

Where ? would be a list of ids. There could be one or more items:

$ids = "3,4,78";
->bind_param('s',$ids);

这可能吗?

我想使用准备好的语句,因为它将在循环中执行.

I'd like to use prepared statements because it will be executed in a loop.

推荐答案

如果你有一个大小不同的变量列表,你想绑定到 IN 语句的每个调用,最简单的方法是以编程方式生成 SQL 字符串并使用循环来绑定变量:

If you have a list of variables that differs in size every call that you wanto to bind to an IN-statement, the most simple way would be to generate the SQL string programatically and use a loop to bind the variables:

/**
 * @param  array  $values
 * @param  mysqli $db
 * @return mysqli_stmt
 */
function bindInValues(array $values, mysqli $db)
{
    $sql = sprintf('SELECT blabla FROM foo WHERE id IN (%s)',
        implode(', ', array_fill(0, count($values), '?'))
    );
    $stmt = $db->prepare($sql);
    foreach ($values as $value) {
        $stmt->bind_param('s', $value);
    }
    return $stmt;
}

如果你喜欢call_user_func_array,你可以使用动态方法调用并且没有循环.

If you like call_user_func_array you can use dynamic method invocation and go along without a loop.

/**
 * @param  array  $values
 * @param  mysqli $db
 * @return mysqli_stmt
 */
function bindInValues(array $values, mysqli $db)
{
    $sql = sprintf('SELECT blabla FROM foo WHERE id IN (%s)',
        implode(', ', array_fill(0, count($values), '?'))
    );
    $stmt = $db->prepare($sql);
    array_unshift($values, implode('', array_fill(0, count($values), 's')));
    call_user_func_array(array($stmt, 'bind_param'), $values);
    return $stmt;
}

相关文章