Unfortunately, the use „/* bind result variables */ $stmt->bind_result($district);“ is obsolete and condemned. character_set_name()!=“utf8mb4″) { $mysqli->set_charset(„utf8mb4“); } $secondname = „Ma%“; $types = „s“; $parameters = array($secondname); $myquery = „select * from users where secondname like ?“; if ($stmt = $mysqli->prepare($myquery)) { $stmt->bind_param($types, …$parameters); $stmt->execute(); $result = $stmt->get_result(); $stmt->close(); $numrows = $result->num_rows; while($row = $result->fetch_assoc()) { echo $row[‘firstname’].“ „.$row[‘secondname’].“
„; } } $mysqli->close(); ?> Also, instead of ‘$stmt->bind_param(„s“, $city);’, use „$stmt->bind_param($types, …$parameters);“ with array. Here the advantage of using an array ($parameters) is already obvious, instead of 5 variables, one array of 5 elements is used. character_set_name()!=“utf8mb4″) { $mysqli->set_charset(„utf8mb4″); } $uid = intval($_POST[‘uid’]); $length=15; $account = mb_substr(trim($_POST[‘account’]),0,$length,“utf-8″); $account=strip_tags($account); $length=50; $password = mb_substr(trim($_POST[‘password’]),0,$length,“utf-8″); $password = password_hash($password, PASSWORD_DEFAULT); $length=25; $prijmeni = mb_substr(trim($_POST[‘prijmeni’]),0,$length,“utf-8″); $prijmeni=strip_tags($prijmeni); $length=25; $firstname = mb_substr(trim($_POST[‘firstname’]),0,$length,“utf-8“); $firstname=strip_tags($firstname); $firstname = str_replace(array(„>“,“<",'"'), array("","",""), $firstname); $dotaz = "UPDATE users SET account = ?, password = ?, secname = ?, firstname = ? WHERE uid = ?"; $types = "ssssi"; $parameters = array($account,$password,$prijmeni,$firstname,$uid); if ($stmt = $mysqli->prepare($dotaz)) { $stmt->bind_param($types, …$parameters); $stmt->execute(); echo $stmt->affected_rows; $stmt->close(); } $mysqli->close(); ?>
Наши спонсори са:
Български трактори на добри цени при изключително качество
