mysqli::query

mysqli_query

(PHP 5, PHP 7, PHP 8)

mysqli::query -- mysqli_query对数据库执行查询

说明

面向对象风格

public mysqli::query(string $query, int $result_mode = MYSQLI_STORE_RESULT): mysqli_result|bool

过程化风格

mysqli_query(mysqli $mysql, string $query, int $result_mode = MYSQLI_STORE_RESULT): mysqli_result|bool

对数据库执行 query

警告

Security warning: SQL injection

If the query contains any variable input then parameterized prepared statements should be used instead. Alternatively, the data must be properly formatted and all strings must be escaped using the mysqli_real_escape_string() function.

对非 DML 查询(不是 INSERT、UPDATE 或 DELETE),此函数类似于调用 mysqli_real_query() 然后调用 mysqli_use_result()mysqli_store_result()

注意:

传递给 mysqli_query() 的语句长度比服务器的 max_allowed_packet 长的情况下,返回的错误码不同,具体取决于使用的是 MySQL Native Driver(mysqlnd)还是 MySQL Client Library(libmysqlclient)。行为如下:

  • Linux 上 mysqlnd 返回错误码 1153。错误消息表示为 got a packet bigger than max_allowed_packet bytes

  • Windows 上 mysqlnd 返回错误码 2006。错误消息表示为 server has gone away

  • libmysqlclient 在所有平台返回错误码 2006。错误消息表示为 server has gone away

参数

mysql

仅以过程化样式:由 mysqli_connect()mysqli_init() 返回的 mysqli 对象。

query

查询字符串。

result_mode

The result mode can be one of 3 constants indicating how the result will be returned from the MySQL server.

MYSQLI_STORE_RESULT(默认)——返回带有缓冲结果集的 mysqli_result 对象。

MYSQLI_USE_RESULT - returns a mysqli_result object with unbuffered result set. As long as there are pending records waiting to be fetched, the connection line will be busy and all subsequent calls will return error Commands out of sync. To avoid the error all records must be fetched from the server or the result set must be discarded by calling mysqli_free_result().

MYSQLI_ASYNC(适用于 mysqlnd)——执行异步查询且并不立即返回结果。然后使用 mysqli_poll() 从此类查询中获取结果。与 MYSQLI_STORE_RESULTMYSQLI_USE_RESULT 常量结合使用。

返回值

失败时返回 false。对于生成结果集的成功查询,比如 SELECT, SHOW, DESCRIBEEXPLAINmysqli_query() 将返回 mysqli_result 对象。对其它成功查询,mysqli_query() 将返回 true

错误/异常

If mysqli error reporting is enabled (MYSQLI_REPORT_ERROR) and the requested operation fails, a warning is generated. If, in addition, the mode is set to MYSQLI_REPORT_STRICT, a mysqli_sql_exception is thrown instead.

示例

示例 #1 mysqli::query() 示例

面向对象风格

<?php

mysqli_report
(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");

/* Create table doesn't return a resultset */
$mysqli->query("CREATE TEMPORARY TABLE myCity LIKE City");
printf("Table myCity successfully created.\n");

/* Select queries return a resultset */
$result = $mysqli->query("SELECT Name FROM City LIMIT 10");
printf("Select returned %d rows.\n", $result->num_rows);

/* If we have to retrieve large amount of data we use MYSQLI_USE_RESULT */
$result = $mysqli->query("SELECT * FROM City", MYSQLI_USE_RESULT);

/* Note, that we can't execute any functions which interact with the
server until all records have been fully retrieved or the result
set was closed. All calls will return an 'out of sync' error */
$mysqli->query("SET @a:='this will not work'");

过程化风格

<?php

mysqli_report
(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$link = mysqli_connect("localhost", "my_user", "my_password", "world");

/* Create table doesn't return a resultset */
mysqli_query($link, "CREATE TEMPORARY TABLE myCity LIKE City");
printf("Table myCity successfully created.\n");

/* Select queries return a resultset */
$result = mysqli_query($link, "SELECT Name FROM City LIMIT 10");
printf("Select returned %d rows.\n", mysqli_num_rows($result));

/* If we have to retrieve large amount of data we use MYSQLI_USE_RESULT */
$result = mysqli_query($link, "SELECT * FROM City", MYSQLI_USE_RESULT);

/* Note, that we can't execute any functions which interact with the
server until all records have been fully retrieved or the result
set was closed. All calls will return an 'out of sync' error */
mysqli_query($link, "SET @a:='this will not work'");

以上示例的输出类似于:

Table myCity successfully created.
Select returned 10 rows.

Fatal error: Uncaught mysqli_sql_exception: Commands out of sync; you can't run this command now in...

参见

add a note add a note

User Contributed Notes 21 notes

up
48
NUNTIUS
16 years ago
This may or may not be obvious to people but perhaps it will help someone.

When running joins in SQL you may encounter a problem if you are trying to pull two columns with the same name. mysqli returns the last in the query when called by name. So to get what you need you can use an alias.

Below I am trying to join a user id with a user role. in the first table (tbl_usr), role is a number and in the second is a  text name (tbl_memrole is a lookup table). If I call them both as role I get the text as it is the last "role" in the query. If I use an alias then I get both as desired as shown below.

<?php
$sql
= "SELECT a.uid, a.role AS roleid, b.role,
            FROM tbl_usr a
            INNER JOIN tbl_memrole b
            ON a.role = b.id
            "
;

    if (
$result = $mysqli->query($sql)) {
        while(
$obj = $result->fetch_object()){
           
$line.=$obj->uid;
           
$line.=$obj->role;
           
$line.=$obj->roleid;
        }
    }
   
$result->close();
    unset(
$obj);
    unset(
$sql);
    unset(
$query);
   
?>
In this situation I guess I could have just renamed the role column in the first table roleid and that would have taken care of it, but it was a learning experience.
up
34
theyranos at gmail dot com
13 years ago
The cryptic "Couldn't fetch mysqli" error message can mean any number of things, including:

1. You're trying to use a database object that you've already closed (as noted by ceo at l-i-e dot com). Reopen your database connection, or find the call to <?php mysqli_close($db); ?> or <?php $db->close(); ?> and remove it.
2. Your MySQLi object has been serialized and unserialized for some reason. Define a wakeup function to re-create your database connection. http://php.net/__wakeup
3. Something besides you closed your mysqli connection (in particular, see http://bugs.php.net/bug.php?id=33772)
4. You mixed OOP and functional calls to the database object. (So, you have <?php $db->query() ?> in the same program as <?php mysqli_query($db) ?>).
up
34
petrus.jvr
13 years ago
When calling multiple stored procedures, you can run into the following error: "Commands out of sync; you can't run this command now".
This can happen even when using the close() function on the result object between calls.
To fix the problem, remember to call the next_result() function on the mysqli object after each stored procedure call. See example below:

<?php
// New Connection
$db = new mysqli('localhost','user','pass','database');

// Check for errors
if(mysqli_connect_errno()){
echo
mysqli_connect_error();
}

// 1st Query
$result = $db->query("call getUsers()");
if(
$result){
    
// Cycle through results
   
while ($row = $result->fetch_object()){
       
$user_arr[] = $row;
    }
   
// Free result set
   
$result->close();
   
$db->next_result();
}

// 2nd Query
$result = $db->query("call getGroups()");
if(
$result){
    
// Cycle through results
   
while ($row = $result->fetch_object()){
       
$group_arr[] = $row;
    }
    
// Free result set
    
$result->close();
    
$db->next_result();
}
else echo(
$db->error);

// Close connection
$db->close();
?>
up
6
xa at sagexa dot com
2 years ago
"In PHP 8.1, the default error handling behavior of the MySQLi extension has changed from silencing errors to throw an Exception on errors. "
This is true even for the procedural use of mysqli, i.e. mysqli_query.
Hence, using if(!mysqli_query($c, $sql)) [...] is pointless.
To disable Exception throwing : mysqli_report(MYSQLI_REPORT_OFF);
up
12
Anonymous
6 years ago
Here is an example of a clean query into a html table

<table>
   <tr>
     <th>First Name</th>
     <th>Last Name</th>
     <th>City</th>
   </tr>
   <?php while ($row = $myquery->fetch_assoc()) { ?>
   <tr>
     <td><?php echo $row["firstname"]; ?></td>
     <td><?php echo $row["lastname"]; ?></td>
     <td><?php echo $row["city"];?></td>
   </tr>
   <?php } ?>
</table>
up
-2
registrations at jdfoxmicro dot com
14 years ago
I like to save the query itself in a log file, so that I don't have to worry about whether the site is live.

For example, I might have a global function:

<?php
function UpdateLog ( $string , $logfile )  {
  
$fh = fopen ( $logfile , 'a' );
  
$fwrite ( $fh , strftime ('%F %T %z')." ".$string."\n";
  
fclose ( $fh );
}
?>

Then in my mysql function error trapper, something like this:

<?php
   $error_msg
= "Database error in [page].php / ";
  
$error_msg .= mysqli_error ( $link )." / ";
  
$error_msg .= $query;
  
UpdateLog ( $error_msg , DB_ERROR_LOG_FILE );
?>

I also include the remote IP, user agent, etc., but I left it out of these code samples.  And have it e-mail me when an error is caught, too.

Jeff
up
-2
ceo at l-i-e dot com
16 years ago
Translation:
"Couldn't fetch mysqli"

You closed your connection and are trying to use it again.

It has taken me DAYS to figure out what this obscure error message means...
up
-2
Beeners
18 years ago
Stored Procedures.

Use mysqli_query to call a stored procedure that returns a result set.

Here is a short example:

<?php
$mysqli
= new mysqli(DBURI,DBUSER,DBPASS,DBNAME);
if (
mysqli_connect_errno())
{
 
printf("Connection failed: %s\n", mysqli_connect_error());
  exit();
}

$SQL = "CALL my_procedure($something)";
if ( (
$result = $mysqli->query($SQL))===false )
{
 
printf("Invalid query: %s\nWhole query: %s\n", $mysqli->error, $SQL);
  exit();
}

while (
$myrow = $result->fetch_array(MYSQLI_ASSOC))
{
 
$aValue[]=$myrow["a"];
 
$bValue[]=$myrow["b"];
}
$result->close();
$mysqli->close();
?>
I hope this saves someone some time.
up
-11
info at ff dot net
18 years ago
Calling Stored Procedures

Beeners' note/example will not work. Use mysqli_multi_query() to call a Stored Procedure. SP's have a second result-set which contains the status: 'OK' or 'ERR'. Using mysqli_query will not work, as there are multiple results.

<?php
$sQuery
="CALL SomeSP('params')";
if(!
mysqli_multi_query($sqlLink,$sQuery)) {
 
// your error handler
}
$sqlResult=mysqli_store_result($sqlLink);

if(
mysqli_more_results($this->sqlLink))//Catch 'OK'/'ERR'
 
while(mysqli_next_result($this->sqlLink));
?>

You will have to rewrite/expand this a bit for more usability of course, but it's just an example.
up
-15
joseph_robert_martinez at yahoo dot com
10 years ago
For those using with replication enabled on their servers,  add a mysqli_select_db() statement before any data modification queries.  MySQL replication does not handle statements with db.table the same and will not replicate to the slaves if a scheme is not selected before.

Found out after days of resetting master and slaves on another site http://www.linuxquestions.org/questions/linux-server-73/mysql-5-1-not-replicating-properly-with-slave-823296/
up
-13
hunreal at gmail dot com
20 years ago
Use difference collation/character for connect, result.
You can set the collation before your query.

E.g. want to set the collation to utf8_general_ci
you can send the query "SET NAMES 'utf8'" first

<?php
$mysqli
=new mysqli('localhost', 'root', 'password', 'test');
$mysqli->query("SET NAMES 'utf8'");
$q=$mysqli->query("select * from test");
while(
$r=$q->fetch_assoc()) {
   
print_r($r);
}
?>

There are many variables about character settings.
By running sql command, SHOW VARIABLES LIKE 'char%';
There are some variables control the character usage.

character_set_client
character_set_connection
character_set_database
character_set_results
character_set_server
character_set_system

Also SET NAMES can repalce with one or some settings like SET character_set_results='utf8';
up
-14
jcwebb at dicoe dot com
17 years ago
When building apps, i like to see the whole statement when if fails.
<?php
$q
="SELECT somecolumn FROM sometable"; //some instruction
$r=mysqli_query($DBlink,$q) or die(mysqli_error($DBlink)." Q=".$q);
?>
If theres an error (like my numerous typing mistakes) this shows the entire instruction.
Good for development (not so good on production servers - simply find and replace when finished: $r=mysqli_query($DBlink,$q); )

Hope it helps. Jon
up
-16
Igor
15 years ago
mysqli::query() can only execute one SQL statement.

Use mysqli::multi_query() when you want to run multiple SQL statements within one query.
up
-17
thomas dekker
14 years ago
Building inserts can be annoying. This helper function inserts an array into a table, using the key names as column names:

<?php
 
private function store_array (&$data, $table, $mysqli)
  {
   
$cols = implode(',', array_keys($data));
    foreach (
array_values($data) as $value)
    {
      isset(
$vals) ? $vals .= ',' : $vals = '';
     
$vals .= '\''.$this->mysql->real_escape_string($value).'\'';
    }
   
$mysqli->real_query('INSERT INTO '.$table.' ('.$cols.') VALUES ('.$vals.')');
  }
?>

Adapt it to your specific needs.
up
-20
ahmed dot 3abdolah at gmail dot com
10 years ago
Hi, i created function that add  a new table using array , i work with it on my projects ...
<?PHP
                  
/* this function was learned from PHP.net */
function array_keys_exist(&$key,array &$array){
               
$keys = split("\|",$key);
                foreach(
$keys as $key_s){
                    if(
array_key_exists($key_s, $array)) return true;
                    }
                return
false;
            }
/*and this is my function */
array_create_table(array &$array){
        if(
is_array($array)){
          
$key = "table|rows|values";   
       
$info = "";
        if(
array_keys_exist($key,$array)){
        if(
is_array($array["rows"]) and is_array($array["values"]) ){
                                        
            if(
count($array["rows"]) == count($array["values"])) {
                        for(
$i=0; $i<=count($array["rows"]); $i++){
   
$info = $info." ".$array["rows"][$i]." ".$array["values"][$i]." NOT NULL ";
            if(
$i < count($array["rows"])-1 ) $info = $info.",";
                    }
   
$query = "CREATE TABLE ".$this->private_tables_name.$array["table"]." ";
   
$query .= "( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, ".$info." )";
                    return
$query;   
                        }
                        }
                }else return
"Error";
                    }
            }

/* the use is simple */
$database = new database(); // connection to database i used mysqli ...
$array = array("table"=>"MRO", "rows"=>array("name","username") , "values" => array("VARCHAR (50) "," VARCHAR (50) ") );

$query = array_create_table($array); // convert and create the query ...
if($database->query($query)) echo "Work"; else echo "Error"; // result : work

?>
up
-17
marcus at synchromedia dot co dot uk
13 years ago
The exact type returned by a successful query is mysqli_result.
up
-20
popere dot noel at yahoo dot com
11 years ago
or you could just extend the class...
in my case i already had a wraper for the db so something like this was easy :

public function  free($result) {
 
  $result->free_result();
$this->link->next_result();
}

just tried it and it works like a charm ;-)
up
-9
omidbahrami1990 at gmail dot com
6 years ago
This Is A Secure Way To Use mysqli::query
--------------------------------------------------------
<?php
function secured_query($sql)
{
$connection = new mysqli($host,$username,$password,$name);
   
if (
$connection->connect_error)
die(
"Secured");
   
$result=$connection->query($sql);
if(
$result==FALSE)
die(
"Secured");
   
$connection->close();       
return
$result;   
}
/*
$host ---> DataBase IP Address
$username ---> DataBase Username
$password ---> DataBase Password
$name ---> DataBase Name
*/
?>
up
-23
blinki bill, argodak at yahoo dot com
11 years ago
Recently I had puzzling problem when performing DML queries, update in particular, each time a update query is called and then there are some more queries to follow this error will show on the page and go in the error_log:
"Fatal error:  Exception thrown without a stack frame in Unknown on line 0"

The strange thing is that all queries go through just fine so it didn't make much sense:

$update = mysqli_query($connection, $query_string);
if(!$update){
echo 'Houston we have a problem '.mysqli_error($connection);
exit;
}

In the above example "$update" is "true", mysqli_error() is empty and of course the update operation goes through, however the nasty super cryptic error appears on the page.
What makes even less sense to me is how I fixed it - just called "mysqli_free_result" after the update query and the problem was gone, however because mysqli_free_result is not supposed to be called after DML queries (to free what, a boolean? lol) it needs to be wrapped in a try catch block:

try{
mysqli_free_result($update);
}catch (Exception $e){
//do nothing
}

So, I don't know why but it seems that when DML queries are responsible for:
"Fatal error:  Exception thrown without a stack frame in Unknown on line 0"
calling "mysqli_free_result" after the query seems to be fixing the issue
up
-6
David Marcus
7 years ago
If you use the default resultmode of MYSQLI_STORE_RESULT, you can call $mysqli->close() right after $mysqli->query and before you use mysqli_result. This reduces the time the connection is open, which can help if the database server has a limit on how many connections there can be.
up
-13
Anonymous
7 years ago
I don't know is it bug or something , then first I write it here . Query SHOW with MYSQLI_USE_RESULT option don't show num_rows :
<?php
SHOW TABLES LIKE
[some table], MYSQLI_USE_RESULT
num_rows
// shows 0 !
?>
To Top