Skip to main content

Forums

This topic contains 2 replies, has 0 voices, and was last updated by  Rob MacKay 9 years, 11 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #25230

    Rob MacKay
    Keymaster

    everywhere I look everyone is using it, its in tutorials, its everywhere like people know what it does. php.net dosn’t help – can someone just in plain english tell me what it does? I can see the use in using the things attached to it, like execute and bind_param – but what is "stmt_init()"

    Thx :D

    #59531

    It’s for using Mysql prepared statements. Basically you can define a statement like "SELECT * FROM people WHERE lastname LIKE ?" and then specify parameters which are represented by ? in your statement.

    This has 2 chief benefits. FIrstly you prepare the statement once but you can execute it many times, changing the parameters each time. This can be handy if you have a lot of INSERT statements to execute for instance. Also, it helps to prevent against SQL injection attacks because you aren’t concatenating parameters with the SQL statement as it’s done by the server instead.

    I should point out it’s only available with the mysqli driver. Perhaps a future tutorial….

    #59532

    Rob MacKay
    Keymaster

    AHhhhh yes. I was just reading this too for all those who might be wondering whats going on…

    http://www.dreamincode.net/forums/showtopic54239.htm

    Thanks dave :D much appreciated :)

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

icon-link icon-logo-star icon-search icon-star