0

I can not figure out how I can prepare my select statement.

$query = "SELECT name, art FROM table_one WHERE name LIKE ? AND art IN ?";
if ($stmt = $db_link->prepare($query)) {
    $stmt->bind_param("ss", $name, $art); 
    $stmt->execute();

    if ($stmt->errno){
       //Deal with error
    }
    $name = "%Marc%";
    $art = "('green', 'blue', 'red')";
    $stmt->execute();
    $stmt->bind_result($name, $art);
    while ($stmt->fetch()){
       //Output data
    }
}

So the problem is, that something does not work with the syntax in the prepared statement. This is my first attempt at preparing statements.

I had the query working before without using a prepared statement, but I am forced to use that now.

The old query looked like this:

$query = "SELECT name, art FROM table_one WHERE name LIKE '%$name%' AND art IN ('$art')";

Thank you for your help.

Neevotic
  • 101
  • 1
  • 1
    `AND art IN(?)` - `IN()` requires the brackets as you did in the other example. – Funk Forty Niner Feb 18 '18 at 15:03
  • You also need to set a value into `$name` and `$art` before you execute the `->execute()` – RiggsFolly Feb 18 '18 at 15:03
  • isn't the first execute just to check the query though? – Neevotic Feb 18 '18 at 15:04
  • 1
    `bin_result` ?? appropriate, but there should be a `d` in there somewhere – RiggsFolly Feb 18 '18 at 15:05
  • No the `->prepare` sends the query to the server for compilation, the `->execute()` runs it, but parameters have to have been set as its the execute that actually causes the bound parameters to replace the `?` – RiggsFolly Feb 18 '18 at 15:06
  • ahh the d was just a typo here, but the code is still not working – Neevotic Feb 18 '18 at 15:09
  • Answers for mysqli exist too. – u_mulder Feb 18 '18 at 15:10
  • _"the d was just a typo here"_ - It helps if you copy/paste the _actual_ code. If you rewrite it for our benefit, you might introduce new issues (as you currently did) and remove existing issues. We won't know what to focus on since we don't know what the actual code looks like. – M. Eriksson Feb 18 '18 at 15:11

0 Answers0