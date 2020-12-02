joon1: joon1: I am in puzzle with the prepare type.

When to use the prepare type?

Any time that you have variable data in the query, especially if that variable data has come from user input, you must use a prepared statement. Outside of that, there are other good reasons to use them - if you might need to worry about quotes around or inside your values, or if you’re going to call the query with multiple values over and over again as your extract from the doc below covered. In this latter case, you can prepare the statement before the loop starts, then call execute() inside the loop with your new values. Something like this pseudo-code

connect to database sql = "insert into mytable (name, email, phone) values (?, ?, ?) prep = prepare(sql) open csv file while (data = read_from_csv) { prep->execute ([data[0], data[1], data[2]) }

I’m never 100% certain when it’s a good time to use a prepared statement and when there is no need, so I’ve just got into the habit of doing it all the time now.

But my point above is that where you used prepare , you must then use execute() to actually run the query, which is the bit you’d missed out and the cause of your error.

The quote above is, I guess, the one of main characteristics of PDO.

It may be one of the main characteristics of prepared statements, but mysqli supports prepared statements too. I don’t think it’s a characteristic of PDO specifically, but then I haven’t used mysqli in any great depth, I’ve only really read about it in here. To me, the main characteristic of PDO that made me choose it over mysqli was the fact that it can connect to other databases such as Microsoft SQL Server, where mysqli can only connect to MySQL.