Hello there,
I’m looking for a tutorial or example about the correct way to handle this quite common query through a mysqli prepared statement.
$stmt = $con -> prepare ("SELECT * FROM products
WHERE published = 'Yes'
AND category IN ='dresses, skirts'
AND color IN 'blue, pink, yellow'
AND price BETWEEN '10' AND '15'
ORDER by price ASC, BY new DESC");
Here is an exerpt from my code, but I’m stuck. I don’t know how to handle it.
if (isset($_POST['action']))
{
$published='Y';
$sort_products = $con -> prepare ( "select * from products where published = ? ");
if ( isset ($_POST['product_category']))
{
$array= $_POST['product_category'];
$product_category = implode(',', array_fill(0, count($array), '?')); // creates a string containing ?,?,?
$sort_products .= "AND p_cat_id IN (". $product_category." ) ";
call_user_func_array(array($sort_products, 'bind_param'), $params_category);
}
if ( isset ($_POST['product_main_color']))
{ $array= $_POST['product_main_color'];
$product_brand = implode(',', array_fill(0, count($array), '?')); // creates a string containing ?,?,?
$array[] = $this->getTime();
$types = str_repeat('i', count($array));
$params_color = array($types);
foreach ($array as $key => $value)
{ $params_color[] = &$array[$key];
}
$sort_products .= "AND product_main_color IN (". $product_main_color." ) ";
call_user_func_array(array($sort_products, 'bind_param'), $params_color);
}
if ( isset ($_POST['price_from']) && isset ($_POST['price_upto']) )
{
$sort_products .= "AND price BETWEEN ? AND ? ";
}
if ( isset ($_POST['order_1']) )
{
$sort_products .= "ORDER BY ? ";
}
if ( isset ($_POST['order_2']) )
{
$sort_products .= ", ? ";
}
$sort_products -> bind_params /// How to bind all of these params ?
How to bind these params all together ? What’s the correct way of writing this query ?
Thanks