0

I have the following, which works:

$sql = "SELECT * FROM SOMETABLE WHERE name='music'";
$stmt = $conn->prepare($sql);
$stmt->execute();

However, when I try to do it with variable binding, it does not:

$item_name = "music";
$sql = "SELECT * FROM SOMETABLE WHERE name='?'";
$stmt = $conn->prepare($sql);
$stmt->bind_param('s', $item_name);
$stmt->execute();

How can I go about figuring out why it doesn't?

redux
  • 1,157
  • 10
  • 21
  • Remove the quotes around the `?` The bind tell the extension what data type it is and that will do anything required to prepare the data for onward transmittion – RiggsFolly Jan 27 '22 at 18:15
  • https://www.php.net/manual/en/mysqli.error.php – Alex Howansky Jan 27 '22 at 18:16
  • 1
    "How to debug" is the right question to ask, and there is a guide linked above. However, in your case it could be a challenge, because even with the error message it will be hard to understand. You need to know beforehand that quotes are not used on placeholders because placeholders are not strings. – Your Common Sense Jan 27 '22 at 19:12
  • Thanks for the feedback! I couldn't find any examples online that used prepared statements with strings (every example used integers), I was var_dumping the prepared statement and it looks fine (no way to get the resultant query after the fill-in-the-blank though), and the "error message" was just that my results were null. – Joseph Schmidt Jan 29 '22 at 17:51

0 Answers0