0

I am building a MySQLi full text search with multiple values in IN() using prepared statements.

The script is working fine for single value in IN() but not for multiple values.

Code

$keyword = "+$keyword*";
$search = 'Games';

$query = "SELECT id, title FROM $tablename WHERE category IN(?) AND MATCH (title) AGAINST ( ? IN BOOLEAN MODE)";
$prepare = mysqli_prepare($connection, $query);
mysqli_stmt_bind_param($prepare, "ss", $search, $keyword);
mysqli_stmt_execute($prepare);
mysqli_stmt_bind_result($prepare, $id, $title);
while(mysqli_stmt_fetch($prepare)){
echo $id.' '.$title.'<br />';
}
mysqli_stmt_close($prepare);

The above code does not work for multiple values like.

$search = "'Software', 'Games'";

I guess I need to do something like.

$IN = rtrim(str_repeat('?, ', count($search)), ', ') ;
$query = "SELECT id, title FROM $tablename WHERE category IN($IN) AND MATCH (title) AGAINST ( ? IN BOOLEAN MODE) ";

Now how to handle these parts.

mysqli_stmt_bind_param($prepare, "ss", $search, $keyword);
mysqli_stmt_execute($prepare);

As binding parameters increases with multiple values.

Please see and suggest any possible way to do this.

Thanks.

Update

I tried like this

$search = array('Software', 'Games');
$IN = rtrim(str_repeat('?, ', count($search)), ', ') ;
$search[]=$keyword;

$query = "SELECT id, title FROM $tablename WHERE category IN($IN) AND MATCH (title) AGAINST ( ? IN BOOLEAN MODE) ";

$prepare = mysqli_prepare($connection, $query);
mysqli_stmt_execute($search);
mysqli_stmt_bind_result($prepare, $id, $title);
while(mysqli_stmt_fetch($prepare)){
echo $id.' '.$title.'<br />';
}
mysqli_stmt_close($prepare);

But it didnt work, It gives me error mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, array given

  • [How can I create a prepared statement for IN () operator?](http://stackoverflow.com/a/15991146/285587). however, with mysqli it would be twice harder. thare are ALOT of answers for mysqli anyway. Put a slight effort in search – Your Common Sense Jun 29 '13 at 06:59
  • @YourCommonSense Sir I have been searching a lot and couldn't find any solution working for me, As you suggest I tried but got error, please see update in my question. –  Jun 29 '13 at 07:11
  • What query did you use for google? – Your Common Sense Jun 29 '13 at 07:15
  • @YourCommonSense full text search with array In() php prepared statement, full text search with array in php prepared statement,how to enter array in php prepared statement,how to enter array in prepared statment, these are from today history only sir. –  Jun 29 '13 at 07:25
  • your goolge query [how to enter array in php prepared statement](https://www.google.ru/search?q=how+to+enter+array+in+php+prepared+statement) is giving me [this answer](http://stackoverflow.com/questions/6178926/php-prepared-statements-with-an-array) as a 5th result. What I am doing wrong? – Your Common Sense Jun 29 '13 at 07:33
  • @YourCommonSense you are doing nothing wrong sir, why you ask that, That solution gives me error as `Only variables should be passed by reference in `, These solution not working for my full text search. –  Jun 29 '13 at 07:42

0 Answers0