問題描述

代碼:

$stmt->bind_param("s", md5($input['user'] . $config['salt']));

PHP 錯誤信息:

只有變量應(yīng)該通過引用傳遞

Only variables should be passed by reference

我一直在研究這個項(xiàng)目，但我現(xiàn)在被困住了.我是 PHP 新手.怎么辦?

I've been working on this project but I am stuck now. I am new to PHP. What to do?

推薦答案

感謝您使用 MySQLi 準(zhǔn)備好的語句！他們很痛苦，但值得.

Thanks for using MySQLi prepared statements! They're a pain, but it's worth it.

bind_param 通過引用.它通過查看您傳遞的變量并直接指向內(nèi)臟來實(shí)現(xiàn)這一點(diǎn).

bind_param takes values by reference. It does this by looking at the variable you're passing and pointing at the innards directly.

在您的調(diào)用中，您將返回函數(shù)調(diào)用的字符串結(jié)果 - 在本例中為 md5.因?yàn)闆]有涉及變量，所以沒有內(nèi)臟可指點(diǎn).PHP 抱怨無法通過引用傳遞數(shù)據(jù).

In your call, you're returning the string result of a function call - md5 in this case. Because there's no variable involved, there are no innards to point to. PHP is whining about not being able to pass the data by reference as a result.

您需要將函數(shù)調(diào)用的結(jié)果粘貼到一個變量中，然后將該變量傳遞給綁定.

You will need to stick the result of the function call into a variable, then pass that variable into the bind instead.

大警告！ md5 不再是一個安全的散列，并且應(yīng)該不用于存儲密碼.如果有機(jī)會，您應(yīng)該更新為更好的哈希格式，例如 bcrypt、PBKDF2、scrypt 等.

BIG FAT WARNING! md5 is not a secure hash any longer, and should not be used to store passwords. When you get the chance, you should update to a better hash format, such as bcrypt, PBKDF2, scrypt, etc.

這篇關(guān)于MySQLi 準(zhǔn)備好的語句抱怨“只應(yīng)通過引用傳遞變量"；的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！