mysql where子句bug？

I programmed the following in php and mysql:

$id = $_GET['id'];  
if ($stmt = $db->prepare("SELECT disco, fecha, amazon from discos where id=? LIMIT 1")) {
    $stmt->bind_param("i", $id);    /* NOTE: "s" doesn't work */

    $stmt->execute();
    $stmt->bind_result($disco, $fecha, $amazon);        
    if($stmt->fetch()){
        /* Do some stuff */

    }
}

The thing is, when the value of $id is,for example: 100abcdMySQL where 子句, the query still fetches, whereas it shouldn't, as there is no id called like that, BUT it fetches the id 100.

Why is this happening? Thanks.

（编辑：云计算网_宿迁站长网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!