Skip to main content


This topic contains 2 replies, has 0 voices, and was last updated by  Rob MacKay 10 years, 2 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #25230

    Rob MacKay

    everywhere I look everyone is using it, its in tutorials, its everywhere like people know what it does. dosn’t help – can someone just in plain english tell me what it does? I can see the use in using the things attached to it, like execute and bind_param – but what is "stmt_init()"

    Thx :D


    It’s for using Mysql prepared statements. Basically you can define a statement like "SELECT * FROM people WHERE lastname LIKE ?" and then specify parameters which are represented by ? in your statement.

    This has 2 chief benefits. FIrstly you prepare the statement once but you can execute it many times, changing the parameters each time. This can be handy if you have a lot of INSERT statements to execute for instance. Also, it helps to prevent against SQL injection attacks because you aren’t concatenating parameters with the SQL statement as it’s done by the server instead.

    I should point out it’s only available with the mysqli driver. Perhaps a future tutorial….


    Rob MacKay

    AHhhhh yes. I was just reading this too for all those who might be wondering whats going on…

    Thanks dave :D much appreciated :)

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

icon-link icon-logo-star icon-search icon-star