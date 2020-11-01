Hello there,

I’m looking for a tutorial or example about the correct way to handle this quite common query through a mysqli prepared statement.

$stmt = $con -> prepare ("SELECT * FROM products WHERE published = 'Yes' AND category IN ='dresses, skirts' AND color IN 'blue, pink, yellow' AND price BETWEEN '10' AND '15' ORDER by price ASC, BY new DESC");

Here is an exerpt from my code, but I’m stuck. I don’t know how to handle it.

if (isset($_POST['action'])) { $published='Y'; $sort_products = $con -> prepare ( "select * from products where published = ? "); if ( isset ($_POST['product_category'])) { $array= $_POST['product_category']; $product_category = implode(',', array_fill(0, count($array), '?')); // creates a string containing ?,?,? $sort_products .= "AND p_cat_id IN (". $product_category." ) "; call_user_func_array(array($sort_products, 'bind_param'), $params_category); } if ( isset ($_POST['product_main_color'])) { $array= $_POST['product_main_color']; $product_brand = implode(',', array_fill(0, count($array), '?')); // creates a string containing ?,?,? $array[] = $this->getTime(); $types = str_repeat('i', count($array)); $params_color = array($types); foreach ($array as $key => $value) { $params_color[] = &$array[$key]; } $sort_products .= "AND product_main_color IN (". $product_main_color." ) "; call_user_func_array(array($sort_products, 'bind_param'), $params_color); } if ( isset ($_POST['price_from']) && isset ($_POST['price_upto']) ) { $sort_products .= "AND price BETWEEN ? AND ? "; } if ( isset ($_POST['order_1']) ) { $sort_products .= "ORDER BY ? "; } if ( isset ($_POST['order_2']) ) { $sort_products .= ", ? "; } $sort_products -> bind_params /// How to bind all of these params ?

How to bind these params all together ? What’s the correct way of writing this query ?

Thanks