Here is a comparison of two ways to construct a SQL statement. The first is string concatenation:
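// $goods_id is forced to an integer; $item is concatenated as-is,
// so it must already be escaped or come from a fixed list of values.
$sql = 'SELECT *
FROM sdb_comments
WHERE goods_id = ' . intval($goods_id) . '
AND for_comment_id IS NULL
AND object_type = "' . $item . '"
AND disabled = "false"
AND display = "true"';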
I prefer to do this:
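// %.0f prints the ID with no decimal places; %s inserts $item unchanged
// (sprintf does no SQL escaping).
$sql = sprintf('SELECT *
FROM sdb_comments
WHERE goods_id = %.0f
AND for_comment_id IS NULL
AND object_type = "%s"
AND disabled = "false"
AND display = "true"', (float) $goods_id, $item);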
This statement is simple; for a more complex one, string concatenation becomes a nightmare.
The second way is more convenient, but there is one small problem: when formatting numbers, you need to pay attention to the range of values. If a number falls outside the range of its format specifier, the SQL that comes back is not what we need.
I made a summary today:
%d: -2^31 ~ 2^31-1 (-2147483648 ~ 2147483647) (converts int to signed decimal)
%b: binary (converts int to binary)
%c: character (converts int to a character)
%u: 0 ~ 2^32-1 (0 ~ 4294967295) (converts int to unsigned decimal)
%f: -2^128 ~ 2^128 (-3.4E38 ~ +3.4E38) (converts float to a floating-point number), locale-aware
%F: -2^128 ~ 2^128 (-3.4E38 ~ +3.4E38) (converts float to a floating-point number), not locale-aware
%o: octal (converts int to octal)
%s: string
%x: converts int to lowercase hexadecimal
%X: converts int to uppercase hexadecimal
Because an ID in the database can be very large, using %d can give an incorrect result when the value is out of range. Therefore, it is better to use %.0f than %d when you format an ID.
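The following is an added example, not code from the original article. It shows a stricter way to build the same query: the ID is validated as a digit string instead of being formatted with %d or %.0f (a float holds integers exactly only up to 2^53, so %.0f can also alter a very large ID), and both values are bound as parameters because %s does no escaping. The in-memory SQLite database, the table layout, the sample rows and the helper name find_comments() are assumptions made for illustration.

```php
<?php
// Added example: find_comments() is a hypothetical helper, and the
// table layout and rows below are constructed sample data.

function find_comments(PDO $db, string $goodsId, string $item): array
{
    // Accept only an unsigned decimal string (assumed to fit in 64 bits,
    // i.e. at most 20 digits), so the ID never goes through int or float
    // conversion and cannot be truncated or rounded.
    if (!ctype_digit($goodsId) || strlen($goodsId) > 20) {
        throw new InvalidArgumentException('goods_id must be a decimal ID');
    }
    // Placeholders keep $item out of the SQL text, unlike "%s".
    $stmt = $db->prepare(
        'SELECT * FROM sdb_comments
         WHERE goods_id = :goods_id
           AND for_comment_id IS NULL
           AND object_type = :item
           AND disabled = \'false\'
           AND display = \'true\''
    );
    $stmt->execute([':goods_id' => $goodsId, ':item' => $item]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sdb_comments (
    goods_id TEXT, for_comment_id INTEGER, object_type TEXT,
    disabled TEXT, display TEXT, comment TEXT)');
$ins = $db->prepare('INSERT INTO sdb_comments VALUES (?, NULL, ?, ?, ?, ?)');
$ins->execute(['9007199254740993', 'ask', 'false', 'true', 'first']);
$ins->execute(['9007199254740992', 'ask', 'false', 'true', 'neighbour']);

// 2^53 + 1: a constructed ID that a float cannot represent exactly.
$id = '9007199254740993';
// What the two format specifiers from the article produce for this ID:
printf("%%d   -> %d\n", $id);
printf("%%.0f -> %.0f\n", (float) $id);

// The bound query matches only the row with the exact ID.
print_r(find_comments($db, $id, 'ask'));
// A double quote inside $item is compared as data and matches no row.
print_r(find_comments($db, $id, 'ask"quoted'));
```

Running it requires the pdo_sqlite extension; with another database, only the PDO connection string changes.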