Unfortunately, by default, bind_param() doesn’t accept an array instead of separate variables. However, since PHP 5.6 there is a magnificent improvement that will do the trick. To bind an arbitrary number of variables into mysqli query you will need an argument unpacking operator. It will make the operation as simple and smooth as possible. For … Read more
The best way to prevent duplicate usernames in the database is to make the database column PRIMARY KEY or mark it as UNIQUE. — Make it a primary key ALTER TABLE users ADD PRIMARY KEY(username); — or set it to be unique ALTER TABLE users ADD UNIQUE (username); This will prevent duplicate records in the … Read more
you could do it this way: $ids = array(1,5,18,25); // creates a string containing ?,?,? $clause = implode(‘,’, array_fill(0, count($ids), ‘?’)); $stmt = $mysqli->prepare(‘SELECT * FROM somewhere WHERE `id` IN (‘ . $clause . ‘) ORDER BY `name`;’); call_user_func_array(array($stmt, ‘bind_param’), $ids); $stmt->execute(); // loop through results Using this you’re calling bind_param for each id and … Read more
You need to specify the connection that you made to your database somewhere earlier in your page. You should put that variable in the query. Suppose you made a variable called $con. Then your code should be like this. mysqli_query($con,”INSERT INTO `counter`.`hits` (`page_hits`) VALUES (1)”);
When just a single result is needed, then no loop should be used. Just fetch the row right away. In case you need to fetch the entire row into associative array: $row = $result->fetch_assoc(); in case you need just a single value $row = $result->fetch_row(); $value = $row[0] ?? false; The last example will return … Read more
If you have a look at MySQL Improved Extension Overview, it should tell you everything you need to know about the differences between the two. The main useful features are: an Object-oriented interface support for prepared statements support for multiple statements support for transactions enhanced debugging capabilities embedded server support.
Since PHP 8.1 you can pass an array directly to execute: $sql = “INSERT INTO users (email, password) VALUES (?,?)”; // sql $stmt = $mysqli->prepare($sql); // prepare $stmt->execute([$email, $password]); // execute with data! For the earlier versions the task is a bit elaborate but doable. I’ll take the explanation from my article Mysqli prepared statement … Read more
The problem lies in: $query = $this->db->conn->prepare(‘SELECT value, param FROM ws_settings WHERE name = ?’); $query->bind_param(‘s’, $setting); The prepare() method can return false and you should check for that. As for why it returns false, perhaps the table name or column names (in SELECT or WHERE clause) are not correct? Also, consider use of something … Read more
Just simply add or die(mysqli_error($db)); at the end of your query, this will print the mysqli error. mysqli_query($db,”INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES (‘$itemdescription’,’$itemnumber’,’$sellerid’,’$purchasedate’,’$otherinfo’,’$numberofitems’,’$numberofitemsused’,’$isitdelivered’,’$price’)”) or die(mysqli_error($db)); As a side note I’d say you are at risk of mysql injection, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to … Read more
The mysqli_query() method returns an object resource to your $result variable, not a string. You need to loop it up and then access the records. You just can’t directly use it as your $result variable. while ($row = $result->fetch_assoc()) { echo $row[‘classtype’].”<br>”; }