$sql = 'SELECT * FROM Table WHERE Column = ?';
$stmt = $mysqli->stmt_init();
if ($stmt->prepare($sql)) {
    $stmt->bind_param('s', $ColumnValue);
    $stmt->execute();
    $stmt->bind_result($Col1, $Col2);
    $stmt->fetch();
    $stmt->close();
}
// or
if ($stmt = $mysqli->prepare($sql)) {
    $stmt->bind_param('s', $ColumnValue);
    $stmt->execute();
    $stmt->bind_result($Col1, $Col2);
    $stmt->fetch();
    $stmt->close();
}
When dealing with prepared statements, what's the difference? Which should be used?
Looking at the source, they both do the same thing. Personally, I'd go with the one that involves less typing since both are equally readable.
Related
I'm new to prepared statements. The SQL query is working fine if I insert dummy data, and it is working without binding the integer ($id).
Where am I wrong?
$sql = "UPDATE staff_type SET s_type=?, description=? WHERE s_type_id=?;";
$stmt = mysqli_stmt_init($conn);
mysqli_stmt_prepare($stmt, $sql);
mysqli_stmt_bind_param($stmt, "ssi", $type, $desc, $id);
mysqli_stmt_execute($stmt);
I found the error which caused the integer parameter to not bind. I didn't know that disabled input fields cannot post data, therefore I found a solution to replace the 'disabled' attribute with 'readonly'.
Before binding parameters, you have to prepare an SQL statement with parameters in it.
$sql = "UPDATE staff_type SET s_type=?, description=? WHERE s_type_id=?;";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssi", $type, $desc, $id);
$stmt->execute();
You have to prepare the statement first.
**Procedural style**
$stmt = mysqli_prepare($conn, "UPDATE staff_type SET s_type=?, description=? WHERE s_type_id=?");
mysqli_stmt_bind_param($stmt, "ssi", $type, $desc, $id);
mysqli_stmt_execute($stmt);
Check http://php.net/manual/en/mysqli-stmt.bind-param.php
Try this
$sql = $con->prepare("update staff_type set s_type=?, description=? WHERE s_type_id = ?");
if ($sql) { // prepare() returns false on failure
    $sql->bind_param('ssi', $s_type, $desc, $s_type_id);
    $sql->execute();
}
Side note: s represents string while i represents integer.
Hope this helps you
I have a PHP script in which I need to do many selects, like 10, so I do:
$stmt = $mysqli_->prepare("SELECT count(id) as num FROM table WHERE id=?");
$stmt->bind_param('i', $id);
$stmt->execute();
$stmt->bind_result($count);
$stmt->fetch();
$stmt->close();
$stmt = $mysqli_->prepare("SELECT count(id) as num FROM table2 WHERE id=?");
$stmt->bind_param('i', $id);
$stmt->execute();
$stmt->bind_result($count2);
$stmt->fetch();
$stmt->close();
$stmt = $mysqli_->prepare("SELECT count(id) as num FROM table3 WHERE id=?");
$stmt->bind_param('i', $id);
$stmt->execute();
$stmt->bind_result($count3);
$stmt->fetch();
$stmt->close();
...
Is it OK to use $stmt->close(); all the time, or would it kill the connection performance?
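An added example, not part of the original question: the repeated counts written as one loop. It assumes an open mysqli connection in $db, uses the table names from the question, and the helper name countInTables() is hypothetical. A placeholder can bind a value but not a table name, so the names come from a fixed allow-list; close() frees only the statement handle, and the connection stays open for the next prepare().

```php
<?php
// Added example. $db, COUNTABLE_TABLES and countInTables() are assumptions
// for illustration; the table names are the ones used in the question.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw instead of returning false

// Table names cannot be bound with "?", so only these fixed names may be
// interpolated into the SQL text.
const COUNTABLE_TABLES = ['table', 'table2', 'table3'];

function countInTables(mysqli $db, array $tables, int $id): array
{
    $counts = [];
    foreach ($tables as $table) {
        if (!in_array($table, COUNTABLE_TABLES, true)) {
            throw new InvalidArgumentException('Table not on the allow-list');
        }
        // Backticks quote the identifier; the value still goes through bind_param().
        $stmt = $db->prepare("SELECT COUNT(id) FROM `{$table}` WHERE id = ?");
        $stmt->bind_param('i', $id);
        $stmt->execute();
        $stmt->bind_result($count);
        $stmt->fetch();
        $stmt->close();            // frees this statement handle; $db stays connected
        $counts[$table] = (int) $count;
    }
    return $counts;
}

// Usage with placeholder connection details:
// $db = new mysqli('127.0.0.1', 'app_user', 'app_password', 'app_db');
// $counts = countInTables($db, ['table', 'table2', 'table3'], 42);
```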
$stmt = $mysqli->prepare("SELECT id,name,master,level,exp FROM player.guild ORDER BY exp DESC");
$stmt->execute();
$stmt->bind_result($id, $name, $master, $level, $exp);
$stmt->fetch();
$guildnum = $stmt->num_rows;
$stmt->store_result();
$stmt->close();
$stmt2 = $mysqli->prepare("SELECT id,login FROM account.account WHERE id=?");
$stmt2->bind_param("i", $master);
$stmt2->execute();
$stmt2->bind_result($boss_id, $boss_name);
$stmt2->store_result();
$stmt2->close();
$stmt3 = $mysqli->prepare("SELECT empire FROM player.player_index WHERE id=?");
$stmt3->bind_param("i", $boss_id);
$stmt3->execute();
$stmt3->bind_result($empire);
$stmt3->store_result();
$stmt3->close();
$stm2 and $stm3 are not returning the result.
//EXPLAINING THE CODE
$stm fetches some details and stores them into $variables
$stm2 uses the variable $master to fetch "id" and "login" and stores them into other variables
$stm3 uses $boss_id (stored by $stm2) to fetch and set the variable $empire
//EXPLAINING THE CODE
Can anyone help me please?
Regards.
So if all is correct, you just need to fetch the values (bind_result)
$stmt = $mysqli->prepare("SELECT id,name,master,level,exp FROM player.guild ORDER BY exp DESC");
$stmt->execute();
$stmt->store_result(); // buffer the result set first so num_rows is accurate
$stmt->bind_result($id, $name, $master, $level, $exp);
$stmt->fetch(); //fetch values
$guildnum = $stmt->num_rows;
$stmt->close();
$stmt2 = $mysqli->prepare("SELECT id,login FROM account.account WHERE id=?");
$stmt2->bind_param("i", $master);
$stmt2->execute();
$stmt2->bind_result($boss_id, $boss_name);
$stmt2->fetch(); //fetch values
$stmt2->close();
$stmt3 = $mysqli->prepare("SELECT empire FROM player.player_index WHERE id=?");
$stmt3->bind_param("i", $boss_id);
$stmt3->execute();
$stmt3->bind_result($empire);
$stmt3->fetch(); //fetch values
$stmt3->close();
I am trying to sum the values from a column using a mysqli prepared statement with the code below, but it is not working. Can anyone help me by pointing out what I am doing wrong? Thanks!
$stmt2 = $mysqli->prepare("SELECT SUM(col) as total FROM tb_a WHERE user=?");
$stmt2->bind_param("s", $user);
$stmt2->execute();
$op_row = $stmt2->fetch_assoc();
echo $op_row['total'];
Give this a go:
$user = "Larry"; // example
$stmt = $mysqli->prepare("SELECT SUM(col) FROM tb_a WHERE user=?");
$stmt->bind_param("s", $user);
$stmt->execute();
$stmt->bind_result($total);
$stmt->fetch();
echo $total;
or
$user = "Robert"; // example
$stmt = $mysqli->prepare("SELECT SUM(col) FROM tb_a WHERE user=?");
$stmt->bind_param("s", $user);
$stmt->execute();
$stmt->bind_result($total);
while ($stmt->fetch()) {
    echo $total;
}
Try this:
$stmt2 = $mysqli->prepare("SELECT SUM(col) as total FROM tb_a WHERE user=?");
$stmt2->bind_param("s", $user);
$stmt2->execute();
$res = $stmt2->get_result();
$row = $res->fetch_assoc();
The prepared statement object does not have a fetch_assoc() method, so you should first use get_result(); the result of that has a fetch_assoc() method.
Try this
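$conn = new mysqli;
$sum = "SELECT SUM(col) as total FROM tb_a WHERE user=?";
$stmt = $conn->prepare($sum);
$stmt->bind_param("s", $user);
$stmt->execute(); // returns true/false, not the sum
$stmt->bind_result($total); // SUM(col) is delivered into $total
$stmt->fetch();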
I want to use a single database connection with multiple queries but use prepare and bind_param. How can I do this? I can't find it in the documentation.
Edit: I want two completely different queries.
$db = getConnection();
$query = "INSERT INTO talks(title, body, topic) VALUES(?, ?, ?)";
$stmt = $db->prepare($query);
$stmt->bind_param('sss', $title , $body, $topic);
$stmt->execute();
$stmt->close();
$query = "SELECT * WHERE title=?";
$stmt = $db->prepare($query);
$stmt->bind_param("s", $title);
$stmt->execute();
$stmt->bind_result($i, $t, $b, $to);
$stmt->fetch();
$id = $i;
$stmt->close();
It's telling me that $stmt isn't an object on the second go-around.
Just prepare a second query, as you did with the first.
$conn = new mysqli(....);
$stmt = $conn->prepare(....);
//Do stuff with $stmt
$stmt = $conn->prepare(...different...); //$stmt is overridden with the new query.
//Do stuff with the new $stmt.
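An added example, not part of the original thread: two different prepared statements on one connection, with mysqli set to throw exceptions. prepare() returns false when the server rejects the SQL text, and calling bind_param() on false is what produces a "not an object" error; with exceptions enabled the server's own message is reported instead. The connection details, the function name saveAndFindTalk() and the id column of talks are assumptions.

```php
<?php
// Added example. Credentials are placeholders; the talks table is assumed
// to have an id column next to title, body and topic.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on any mysqli error

function saveAndFindTalk(mysqli $db, string $title, string $body, string $topic): ?int
{
    // First statement: INSERT with three bound string parameters.
    $stmt = $db->prepare('INSERT INTO talks (title, body, topic) VALUES (?, ?, ?)');
    $stmt->bind_param('sss', $title, $body, $topic);
    $stmt->execute();
    $stmt->close();

    // Second, unrelated statement on the same connection.
    $stmt = $db->prepare('SELECT id FROM talks WHERE title = ?');
    $stmt->bind_param('s', $title);
    $stmt->execute();
    $stmt->bind_result($id);
    $found = $stmt->fetch();   // true when a row was fetched, null when none matched
    $stmt->close();

    return $found ? (int) $id : null;
}

try {
    $db = new mysqli('127.0.0.1', 'app_user', 'app_password', 'app_db');
    $db->set_charset('utf8mb4');
    var_dump(saveAndFindTalk($db, 'Intro', 'Body text', 'php'));
} catch (mysqli_sql_exception $e) {
    // A statement the server rejects ends up here with the server's message,
    // instead of prepare() quietly returning false.
    error_log('Database error: ' . $e->getMessage()); // log it, do not echo it to the client
    http_response_code(500);
}
```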