parameters in MySQLi

by

Oddly enough, the title to your question is basically the answer to it. You want to do something like this, using mysqli parameterized queries:

$db = new mysqli(<database connection info here>);
$name = "michael";
$age = 20;

$stmt = $db->prepare("SELECT $fields FROm $table WHERE name = ? AND age = ?");
$stmt->bind_param("si", $name, $age);
$stmt->execute();
$stmt->close();

More information in the mysqli section of the manual, specifically the functions related to MySQLi_STMT.

Note that I personally prefer using PDO over mysqli, I don’t like all the bind_param / bind_result stuff that mysqli does. If I have to use it I write a wrapper around it to make it work more like PDO.

More Related Contents:

  1. How do I post multiple parameters to a URL
  2. inserting information and image in php and mysql
  3. mysqli or die, does it have to die?
  4. MySQL vs MySQLi when using PHP [closed]
  5. PHP error: “Cannot pass parameter 2 by reference”
  6. How to get count of rows in MySQL table using PHP?
  7. Correct way to use LIKE ‘%{$var}%’ with prepared statements?
  8. How to bind mysqli bind_param arguments dynamically in PHP?
  9. How can I enable the MySQLi extension in PHP 7?
  10. mysqli_stmt::bind_param(): Number of elements in type definition string doesn’t match number of bind variables
  11. Dynamic select mysqli query with dynamic parameters returns error doesn’t match number of bind variables [duplicate]
  12. PHP Redirection with Post Parameters
  13. MySQLi Bind Param with an array for IN [duplicate]
  14. PHP PDO and MySQLi [duplicate]
  15. PHP + MySql + Stored Procedures, how do I get access an “out” value?
  16. mysqli query results to show all rows
  17. mysqli_real_connect(): (HY000/2002): No such file or directory
  18. mysqli + xdebug breakpoint after closing statement result in many warnings
  19. INSERT query produces “Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given”
  20. php password_verify() hash and pass won’t match
  21. How do I pass parameters into a PHP script through a webpage?
  22. PHP to MySQL SSL Connections
  23. Call to undefined method mysqli_result::fetch()
  24. Which is fastest in PHP- MySQL or MySQLi?
  25. mysqli persistent connection
  26. prepared parameterized query with PDO
  27. How to make mysqli connect function?
  28. Dynamically bind mysqli_stmt parameters and then bind result
  29. Check to see if an email is already in the database using prepared statements
  30. How to insert into MySQL using mysqli

Leave a Comment