1

I'm new to MySQLi and prepared statements and am having trouble with a certain part of my SELECT statement.

I have a string of email addresses that I want to work like this:

NOT IN ('name@email.com', 'name2@email.com', 'name3@email.com')

My current SQL is like this:

$globalTestEmails = "('name@email.com', 'name2@email.com', 'name3@email.com')";

NOT IN " . $globalTestEmails . " AND

So how do I go about changing that in MySQLi?

I guess I need to do:

NOT IN ?

But how do I set my $globalTestEmail variable? It won't like the brackets or commas right?

James Wilson
  • 809
  • 3
  • 14
  • 25
  • 1
    Is it always 3 emails? In that case you could probably do `NOT IN (?,?,?)`. – Sumurai8 Jan 02 '14 at 11:42
  • 1
    `NOT IN (?, ?, ?, ?)` maybe? Each implode should refer to placeholder – Royal Bg Jan 02 '14 at 11:42
  • The list is growing, they are our personal email accounts we don't want included in the record set. I use that condition in quite a few queries in my script so was useful to set it in one place at the top! – James Wilson Jan 02 '14 at 14:50
  • Thinking about it - do I even need to PREPARE that part of the query anyway? The email address string is written by me in the code itself. Surely the point of using PREPARED statements is to stop data entered on the front end in a malicious way and create an sql injection risk. Shall I just stick with: NOT IN " . $globalTestEmails . " for that part of the query? – James Wilson Jan 02 '14 at 14:53

0 Answers0