0

I am creating a PHP/MySQLi class for a university project and annoyingly they are using PHP version 5.2.6. I need my class to execute the query using prepared statements and give an array of results, all of which works on PHP > 5.3 but on 5.2.6 my get_result is causing a fatal error. Is there any alternatives?

I have looked at bind_result although there could be ANY number of fields in the statement which means I cannot use this function.

public function select($query, $data = NULL) {
    $db = $this->connect();
    $stmt = $db->prepare($query);
    if(!is_null($data)) {
        call_user_func_array(array($stmt, 'bind_param'), $this->query_params($data));
    }
    $stmt->execute();       
    $sqlResult = $stmt->get_result(); //fatal error on PHP < 5.3
    $results = array();
    while($row = $sqlResult->fetch_assoc()) {
        $results[] = $row;
    }
    return $results;
}
James Walker
  • 795
  • 2
  • 6
  • 22
  • 2
    Share this with them: http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-57302/PHP-PHP-5.2.6.html I believe 5.2.6 was released in May of 2008. – Matt Oct 24 '14 at 18:03

1 Answers1

0

you can use bindvalues() like

public function query($sql,$params = array()){
        $this->_error = false;
        if($this->_query = $this->_pdo->prepare($sql)){
            $x = 1;
            if(count($params)){
                foreach($params as $param){
                    $this->_query->bindValue($x, $param);
                    $x++;
                }
            }

            if($this->_query->execute()){
                $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
                $this->_count = $this->_query->rowCount();
            }else {
                $this->_error = $this->_query->errorInfo();
            }
        }
        return $this;
    }
Rishabh Jain
  • 110
  • 9