使用mysqli中的预处理语句

<?php
/*=========================mysqli_stmt预处理类(推荐使用)=========================*/
/*===============================优点:效率高,安全================================*/
        $mysqli=new MySQLi("localhost","root","123456","xiaoqiangdb");
        
        
/*=================================非select语句==================================*/
        
        $sql="insert into shops(name,price,num,desn) values(?,?,?,?)";    //准备一条语句放到服务器中
        
        $stmt=$mysqli->prepare($sql);    //放到数据库
        
        $stmt->bind_param("sdis",$name,$price,$num,$desn);  //给占位符传值,类型-变量(不能是值)
        
        $name="zhangsan";
        $price=56.56;
        $num=66;
        $desn="good";
        
        $stmt->execute();    //执行
        
        echo "最后ID".$stmt->insert_id;
        $stmt->close();

/*=================================select语句==================================*/

        $sql="select id,name,price,num,desn from shops where id>?";    //准备一条语句放到服务器中
        
        $stmt=$mysqli->prepare($sql);    //放到数据库
        
        $stmt->bind_param("i",$id);  //给占位符传值,类型-变量(不能是值)
        
        $stmt->bind_result($id,$name,$price,$num,$desn);    //绑定结果集
        
        $id=99;
        
        $stmt->execute();    //执行
        
        $stmt->store_result();    //一次性讲结果都取过来,才能移动指针和获取总数
        
        //字段信息
        $result=$stmt->result_metadata();
        
        while($field=$result->fetch_field()){
                echo $field->name;
        }
        echo "<br>";
        
        //记录信息
        $stmt->data_seek(2);    
        
        while($stmt->fetch()){
                echo "$id--$name--$price--$num--$desn<br>";
        }
        echo "记录总数:".$stmt->num_rows;
        
        $stmt->free_result();
        
        $stmt->close();

?>