How would I mysqli::stmt->bind_param something that's considered as NULL in mysql?
I'm currently using
$stmt->bind_param('s', 'NULL');
bind_param passes variable as reference.
Try:
$null = NULL;
$stmt->bind_param('s', $null);
Related
using this procedure
CREATE PROCEDURE `Insert_New_Return_Id`(IN Insert_Stmnt varchar(1000), OUT IDNum int)
BEGIN
SET #buffer = Insert_Stmnt;
PREPARE stmt FROM #buffer;
EXECUTE stmt;
SELECT LAST_INSERT_ID() INTO IDNum;
DEALLOCATE PREPARE stmt;
END
the following code works fine :
$statement=$con->prepare("CALL Insert_New_Return_Id (\"INSERT INTO users (first_name,last_name)VALUES('test','test')\",#ID)");
$statement->execute();
$statement=$con->query("SELECT #ID");
while ($row = $statement->fetch()){echo "Last ID Insert : " . $row['#ID'];}
but when i'm trying to bind parameters the values are ?
$first_name = "test";
$last_name = "test";
$statement=$con->prepare("CALL Insert_New_Return_Id (\"INSERT INTO users (first_name,last_name)VALUES('?','?')\",#ID)");
$statement->bindParam(1, $first_name, PDO::PARAM_STR);
$statement->bindParam(2, $last_name, PDO::PARAM_STR);
$statement->execute();
$statement=$con->query("SELECT #ID");
while ($row = $statement->fetch()){echo "Last ID Insert : " . $row['#ID'];}
If i try VALUES(?,?) returns an error.
How can i make this work? Call a procedure with prepare statement and binding parameters?
Thank you
$statement->bindParam(1, 'test', PDO::PARAM_STR);
$statement->bindParam(2, 'test', PDO::PARAM_STR);
You must use a variable instead of the string 'test'. PDOStatement::bindParam binds variables by reference. By definition, you cannot do this with a string.
Use a variable instead.
$statement->bindParam(1, $str1, PDO::PARAM_STR);
$statement->bindParam(2, $str2, PDO::PARAM_STR);
Also, when you want to use CALL to call a stored procedure, just call the stored procedure by name. Do not repeat the query. Of course, this assumes you've done the work of adding the stored procedure to MySQL.
$statement=$con->prepare('CALL Insert_New_Return_Id(?,?)');
If you need a third parameter, add it to the stored procedure in MySQL and call it like this.
$statement=$con->prepare('CALL Insert_New_Return_Id(?,?,?)');
im trying to understand prepared statement. i have a simple insert code like this :
$stm = mysqli_stmt_init($conn);
$num = 123456;
if(!mysqli_stmt_prepare($stm,"insert into test.abc (a_column) values (?) "))
exit('Prepare failed');
mysqli_stmt_bind_param($stm,"s",$num);
mysqli_stmt_execute($stm);
"a_column" is bigint type.
i have wrong type in bind_param "s" and i expected this would be failed
but why this still works?
any help would be appreciate. thank you
$stmt = $this->_db->prepare("SELECT userid FROM users WHERE login = ? AND md5pass = ?");
#$stmt->bindParam(1, $login, PDO::PARAM_INT);
#$stmt->bindParam(2, $pass, PDO::PARAM_STR);
$stmt->execute(array($login,$pass));
$res = $stmt->fetch(PDO::FETCH_NUM);
Which way is better to transfer variables to prepeared statment bindParam or execute(array)? Both working but what is differense? Only PDO::PARAM checking? For SELECT I think array would be enough and for INSERT I sould use the bindParam. Am I right? Thanks to all. Just learning =)
With bindParam you can add the datatype and also important with bind param you are binding the variables by reference.
My script containing that error is this:
$stmt = $this->db->prepare('SELECT libelle,activite,adresse,tel,lat,lng FROM etablissements where type IN ('.$in_list.')');
$stmt->execute();
$stmt->bind_result($libelle,$activite,$adresse,$tel,$lat,$lng);
The php version running on the server (not localhost) is 5.2.17
$stmt is supposed to be an object with the method execute().
Seems like $this->db->prepare() is not returning the good result.
If $this->db is a mysqli() object you should bind the parameters like that:
if ($stmt = $this->db->prepare('SELECT libelle,activite,adresse,tel,lat,lng FROM etablissements where type IN (?)')) {
$stmt->bind_param("s", $in_list);
$stmt->execute();
// ...
}
Check the sql you executed,
$this->db->prepare('SELECT libelle,activite,adresse,tel,lat,lng FROM etablissements where type IN ('.$in_list.')');
does not return a valid statement object.
Swap the statement bind and execute and replace result with param, It will work fine
$stmt = $this->db->prepare('SELECT libelle,activite,adresse,tel,lat,lng FROM etablissements
where type IN ('.$in_list.')');
$stmt->bind_param($libelle,$activite,$adresse,$tel,$lat,$lng);
$stmt->execute();
Your db object is null. Check if you close the connection too early or somehow you override it to null.
How can I get the insert_id of the last record using mysqli prepare statement, for example following?
$stmt = $this->mysqli->prepare("INSERT INTO test (name) values (?)")
$stmt->bind_param('s', $name);
$stmt->execute();
$new_id = $this->mysqli->insert_id; (after $stmt->execute())
mysqli->insert_id