Prepared statement problem

PHP
1

Hi,
i’m just getting to grips with prepared statements as this seems to be the way to go. I’ve used an example from http://php.net/manual/en/pdo.prepared-statements.php

<?php
$stmt = $dbh->prepare("SELECT * FROM REGISTRY where name = ?");
if ($stmt->execute(array($_GET['name']))) {
  while ($row = $stmt->fetch()) {
    print_r($row);
  }
}
?>

but when i run it (obviously with my own tables and database connection) i get

Warning: mysqli_stmt::execute() expects exactly 0 parameters, 1 given in example.php on line xx

The line it refers to is… if ($stmt->execute(array($_GET['name']))) {
what am i doing wrong or is this not correct or something?

2

Don’t know why they’ve posted that wrong example but execute() doesn’t require any input arguments (doc).
You have to bind parameters values first and then run execute() without any arguments:

$stmt = $dbh->prepare("SELECT * FROM REGISTRY where name = :name");
$stmt->bindParam(':name', $_GET['name']);
$stmt->execute();
3

The problem is that you’re trying to use an example from the PDO documentation with the mysqli extension.

4

ah thanks chaps.

I’ve got a working script now as i found a good example on another site.

the only annoying thing for me is that is that our server doesn’t seem to have get_result(); enabled so i have to specify each of the fields i want returned rather than loop through in the same way i would do if i was doing a normal query.

I tried the one on here http://stackoverflow.com/questions/18753262/example-of-how-to-use-bind-result-vs-get-result but it didn’t work.

so i used the one on here http://www.dreamincode.net/forums/topic/54239-introduction-to-mysqli-and-prepared-statements/

Now i need to learn how to do all the things i could do before like num_rows etc

thanks

5

If you get a message that no such function get_result exists, tell your provider to update their PHP deployment, because it’s somewhere 5 <= PHP < 5.3.