SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question How does mysqli bind/execute class work?

    Look at the mysqli examples on php.net

    PHP Code:
    $stmt $mysqli->prepare("INSERT INTO CountryLanguage VALUES (?, ?, ?, ?)");
    $stmt->bind_param('sssd'$code$language$official$percent);

    $code 'DEU';
    $language 'Bavarian';
    $official "F";
    $percent 11.2;

    $stmt->execute(); 
    The vars are assigned after bind_param, and its not passed to execute, how does the class know/get what info is to be executed? Since the vars aint global? Or are bind_param setting the variables to global? If thats the case isn't that a security issue? I always thought globals is evil

  2. #2
    SitePoint Addict
    Join Date
    Jan 2005
    Location
    United Kingdom
    Posts
    208
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'd imagine that the variables are passed by reference to the bind_param() method, so changes to their value will be reflected.

  3. #3
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I did a test and i looks like bind_param makes the vars global:

    PHP Code:
    <?php
    $mysqli 
    = new mysqli("localhost""root""""testdb");
       
    /* check connection */
    if (mysqli_connect_errno()) {
       
    printf("Connect failed: %s\n"mysqli_connect_error());
       exit();
    }
     
    /* Prepare an insert statement */
    $query "INSERT INTO myCity (Name, CountryCode, District) VALUES (?,?,?)";
    $stmt $mysqli->prepare($query);

    $stmt->bind_param("sss"$val1$val2$val3);

    $val1 'Stuttgart';
    $val2 'DEU';
    $val3 'Baden-Wuerttemberg';

    echo 
    $GLOBALS['val1']."<br />";
    echo 
    $GLOBALS['val2']."<br />";
    echo 
    $GLOBALS['val3']."<br />";

    /* Execute the statement */
    $stmt->execute();

    $val1 'Bordeaux';
    $val2 'FRA';
    $val3 'Aquitaine';

    echo 
    $GLOBALS['val1']."<br />";
    echo 
    $GLOBALS['val2']."<br />";
    echo 
    $GLOBALS['val3']."<br />";

    /* Execute the statement */
    $stmt->execute();

    /* close statement */
    $stmt->close();

    $mysqli->close();
    ?>
    Outputs:
    Stuttgart
    DEU
    Baden-Wuerttemberg
    Bordeaux
    FRA
    Aquitaine

    Edit:

    This can't be good? EVIL or NOT?

  4. #4
    SitePoint Zealot
    Join Date
    Oct 2004
    Location
    Worcester
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is this code within a function? Otherwise, you've made them global by definition...

  5. #5
    SitePoint Addict
    Join Date
    Jan 2005
    Location
    United Kingdom
    Posts
    208
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Indeed as Akrabat says they are defined in global scope so would naturally appear in the $GLOBALS array.

    A quick look at the manual reveals that bind_param() does take it's parameters by reference.
    Code:
    class mysqli_stmt { 
    
    bool bind_param ( string types, mixed &var1 [, mixed &...] )
    
    } )

  6. #6
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ah ok my fault then, thanks for clearing it out

  7. #7
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    An update... i have my own mysql class that passes vars and queries to mysqli. Yes i know i could extend the mysqli class but i would like to try it this way for now
    I would like to implement mysqlis statements into that class but i dont know how to pass the vars to bind_param.

    In the statement class i have
    PHP Code:
    public function bind($type$var) {
        
    mysqli_stmt_bind_param($this->stmt$type$var);

    Wich works fine when there only is one var:
    $stmt->bind("i", $testvar);

    but how to pass along more vars?
    $stmt->bind("i", $testvar1, $testvar2);

    I have looked at func_get_args but i cant get it to work together.

  8. #8
    SitePoint Zealot
    Join Date
    Oct 2004
    Location
    Worcester
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Try something like:
    PHP Code:
    public function bind($type$var) {
         
    $args func_get_args();
         
    $params array_merge(array($this->stmt),$args);
         
    call_user_func_array('mysqli_stmt_bind_param'$params);

    If you do it this way, you don't actually need the function parameters defined at all, except for documentation purposes.

  9. #9
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Works like a charm thank you so much!

    When you say "function parameters" is that equal to bind($type, $var)?

  10. #10
    SitePoint Zealot
    Join Date
    Oct 2004
    Location
    Worcester
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes.

    PHP Code:
    public function bind() {
        
    $args func_get_args();
        
    $params array_merge(array($this->stmt),$args);
        
    call_user_func_array('mysqli_stmt_bind_param'$params);

    would work exactly the same, except that you now need to remember that the first parameter to bind() is $type.

  11. #11
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, the class is getting complex now

    I guess i have antoher problem with mysqli_stmt_bind_result.

    Statement:
    PHP Code:
    public function execute() {
        
    mysqli_stmt_execute($this->stmt);
    }
        
    public function 
    bind_result($var) { 
            
    $args func_get_args(); 
            
    $params array_merge(array($this->stmt),$args); 
            
    call_user_func_array('mysqli_stmt_bind_result'$params); 
    }
        
    public function 
    fetch() {
        
    $this->record mysqli_stmt_fetch($this->stmt);
        return (
    $this->record !== NULL);

    In the app:
    PHP Code:
    $stmt $db->prepare("SELECT title FROM entries WHERE id=2");
    $stmt->execute();
    $stmt->bind_result($col1);

    while (
    $stmt->fetch()) {
        echo 
    $col1;

    Nothing gets printed out, and i don't know how to debug. The query is right..

  12. #12
    SitePoint Enthusiast
    Join Date
    Jun 2005
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    After much work and help from google it seems almost impossible to get it to work.
    I have tried with
    $stmt->bind_result('$col1');
    To send the name of the var to the class but still no luck.. could it be that it is not possible to accomplish this?

  13. #13
    SitePoint Member
    Join Date
    Feb 2006
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jessica_s76
    After much work and help from google it seems almost impossible to get it to work.
    I have tried with
    $stmt->bind_result('$col1');
    To send the name of the var to the class but still no luck.. could it be that it is not possible to accomplish this?
    I think it is, but it won't be easy

    this is what I have so far (nowhere near finished):
    PHP Code:
    <?php
    class dbAbstractMysqli {
        public function 
    __construct($host$user$pass$db) {
            
    $this->link = new MySQLI($host$user$pass$db);
            return 
    $this->link;
        }
        
        public function 
    query($query) {
            if(
    is_array($query) and count($query) > 1) {
                
    $params $query;
                
    $query $query[0];
                
                
    $stmt $this->link->prepare($query);
                
                if(
    $stmt) {
                    
    array_shift($params);
                    
    $types str_repeat("s"count($params));
                    
    array_unshift($params$types);
                    
                    
    call_user_func_array(array($stmt"bind_param"), $params);
                    
    $stmt->execute();
                    
                    
    $stmt->store_result();
                    
    $result $stmt->result_metadata();
                    
                    
    $cols = array();
                    foreach(
    $result->fetch_fields() AS $column) {
                        
    array_push($cols$column->name);
                    }
                    
                    
    $stmt->free_result();
                }
            } else {
                
            }
        }
    }
    ?>
    to get some results to work with, you'll probably have to create a $results array, bind_params with the values from $cols using call_user_func_array, then loop through mysqli_stmt_fetch creating a temp associative array using the $cols as keys and their proper values, then append that to $results array, then return that.

  14. #14
    SitePoint Member
    Join Date
    Feb 2006
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    got it

    PHP Code:
        public function query($query) {
            if(
    is_array($query) and count($query) > 1) {
                
    $params $query;
                
    $query $query[0];
                
                
    $stmt $this->link->prepare($query);
                
                if(
    $stmt) {
                    
    array_shift($params);
                    
    $types str_repeat("s"count($params));
                    
    array_unshift($params$types);
                    
                    
    call_user_func_array(array($stmt"bind_param"), $params);
                    
    $stmt->execute();
                    
                    
    $stmt->store_result();
                    
    $result $stmt->result_metadata();
                    
                    
    $fields = array();
                    
    $values = array();
                    foreach(
    $result->fetch_fields() AS $field) {
                        
    array_push($fields, &$values[$field->name]);
                    }
                    
    call_user_func_array(array($stmt"bind_result"), $fields);
                    
                    
    $results = new array();
                    while(
    $stmt->fetch()) {
                        
    $temp = array();
                        foreach(
    $values AS $key => $val) {
                            
    $temp[$key] = $val;
                        }
                        
    array_push($results$temp);
                    }
                    
                    
    $stmt->free_result();
                    
    $stmt->close();
                    
                    return 
    $results;
                }
            } else {
                
            }
        } 
    now to properly set the variable types in mysqli_stmt_bind_param


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •