- PHP Basics
- Learn PHP
- PHP Comments
- PHP Data Types
- PHP Variables
- PHP Operators
- PHP echo
- PHP print
- PHP echo vs. print
- PHP if else
- PHP switch
- PHP for Loop
- PHP while Loop
- PHP do...while Loop
- PHP foreach Loop
- PHP break and continue
- PHP exit()
- PHP exit() vs. break
- PHP isset()
- PHP Arrays
- PHP print_r()
- PHP unset()
- PHP Strings
- PHP Functions
- PHP File Handling
- PHP File Handling
- PHP Open File
- PHP Create a File
- PHP Write to File
- PHP Read File
- PHP feof()
- PHP fgetc()
- PHP fgets()
- PHP Close File
- PHP Delete File
- PHP Append to File
- PHP Copy File
- PHP file_get_contents()
- PHP file_put_contents()
- PHP file_exists()
- PHP filesize()
- PHP Rename File
- PHP fseek()
- PHP ftell()
- PHP rewind()
- PHP disk_free_space()
- PHP disk_total_space()
- PHP Create Directory
- PHP Remove Directory
- PHP Get Files/Directories
- PHP Get filename
- PHP Get Path
- PHP filemtime()
- PHP file()
- PHP include()
- PHP require()
- PHP include() vs. require()
- PHP mysqli Tutorial
- PHP mysqli Tutorial
- PHP and MySQL Setup
- PHP mysqli: Create Database
- PHP mysqli: Create Table
- PHP mysqli: Insert Record
- PHP mysqli: Update Record
- PHP mysqli: Fetch Record
- PHP mysqli: Delete Record
- PHP mysqli: SignUp Page
- PHP mysqli: LogIn Page
- PHP mysqli: Store User Data
- PHP mysqli Functions
- PHP mysqli_connect()
- PHP mysqli_close()
- PHP mysqli_connect_errno()
- PHP mysqli_connect_error()
- PHP mysqli_query()
- PHP mysqli_fetch_row()
- PHP mysqli_fetch_assoc()
- PHP mysqli_fetch_array()
- PHP mysqli_free_result()
- PHP mysqli_error()
- PHP mysqli_prepare()
- PHP mysqli_stmt_bind_param()
- PHP mysqli_stmt_execute()
- PHP mysqli_stmt_fetch()
- PHP mysqli_stmt_store_result()
- PHP mysqli_stmt_num_rows()
- PHP mysqli_stmt_bind_result()
- PHP mysqli_stmt_get_result()
- PHP mysqli_result class
- PHP mysqli_report()
- PHP error_reporting()
- PHP mysqli_real_escape_string()
- PHP htmlspecialchars()
- PHP Misc Topics
- PHP Object Oriented
- PHP new Keyword
- PHP header()
- PHP getallheaders()
- PHP Cookies
- PHP Sessions
- PHP Date and Time
- PHP GET vs. POST
- PHP File Upload
- PHP Image Processing
PHP bind_param() and mysqli_stmt_bind_param()
This article is created to cover the two functions in PHP, which are:
Both functions are used to bind variables to a prepared statement as parameters. The only difference is that bind_param() is used with object-oriented script, whereas mysqli_stmt_bind_param() is used with procedural script.
PHP bind_param()
The PHP bind_param() function is used to bind variables to a prepared statement as parameters in PHP mysqli object-oriented style. For example:
<?php
$server = "localhost";
$user = "root";
$pass = "";
$db = "codescracker";
$conn = new mysqli($server, $user, $pass, $db);
if($conn->connect_errno)
{
echo "Database connection failed!<BR>";
echo "Reason: ", $conn->connect_error;
exit();
}
$sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES (?, ?, ?)";
$stmt = $conn -> prepare($sql);
$stmt -> bind_param("sis", $name, $age, $email);
$name = "Susan";
$age = 35;
$email = "susan@xyz.com";
if($stmt -> execute())
{
echo "Record inserted successfully.";
// block of code to process further
}
$conn->close();
?>
The output produced by the above PHP example on bind_param() is shown in the snapshot given below:
Note: The mysqli() function is used to open a connection to the MySQL database server in object-oriented style.
Note: The new keyword is used to create a new object.
Note: The connect_errno is used to get or return the error code (if any) from the last connect call in object-oriented style.
Note: The connect_error is used to get the error description (if any) from the last connection in object-oriented style.
Note: The prepare() function is used to prepare an SQL statement before its execution on the MySQL database in object-oriented style, to avoid SQL injection.
Note: The execute() function is used to execute a prepared statement on the MySQL database in object-oriented style.
Note: The close() function is used to close an opened connection to the MySQL database in object-oriented style.
The above example can also be written as:
<?php $conn = new mysqli("localhost", "root", "", "codescracker"); if(!$conn->connect_errno) { $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES (?, ?, ?)"; $stmt = $conn -> prepare($sql); $stmt -> bind_param("sis", $name, $age, $email); $name = "Susan"; $age = 35; $email = "susan@xyz.com"; $stmt -> execute(); } $conn->close(); ?>
Note: In the above example, the sis refers to string integer string that is used to define the types of three parameters given to bind_param(): $name (s for string), $age (i for integer), and $email (s for string).
PHP bind_param() Syntax
The syntax of the bind_param() function in PHP is:
$mysqli_stmt -> bind_param(types, variables..);
The types parameter is used to specify the parameters types. Here are the characters, used to specify the type:
- s: Used for string types
- i: Used for integer types
- d: Used for double types
- b: Used for blob to sent in packets
The variables are basically a set of parameters that are used to replace the question marks (?) in the prepared SQL statement. For example:
<?php $conn = new mysqli("localhost", "root", "", "codescracker"); if(!$conn->connect_errno) { $stmt = $conn->prepare("SELECT name FROM customer where id=?"); if($stmt==true) { $stmt->bind_param('i', $id); $id = 2; if($stmt->execute()) { $stmt->bind_result($res); $stmt->fetch(); echo $res; } } } $conn->close(); ?>
Since in the table named customer, available in the database codescracker, at id number 2, the name Charlotte is stored. Therefore, the output should be:
Charlotte
Note: The bind_result() function is used to link or bind variables to a prepared statement so that the results can be stored in an object-oriented way.
Note: The fetch() function is used to fetch or get the results from a prepared statement into bound variables in an object-oriented style.
PHP mysqli_stmt_bind_param()
The PHP mysqli_stmt_bind_param() function is used to bind variables to prepared statements as parameters in PHP mysqli procedural style. For example:
<?php $conn = mysqli_connect("localhost", "root", "", "codescracker"); if(!mysqli_connect_errno()) { $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES (?, ?, ?)"; $stmt = mysqli_prepare($conn, $sql); mysqli_stmt_bind_param($stmt, "sis", $name, $age, $email); $name = "Susan"; $age = 35; $email = "susan@xyz.com"; mysqli_stmt_execute($stmt); } mysqli_close($conn); ?>
Note: The mysqli_connect() function is used to open a connection to the MySQL database server in procedural style.
Note: The mysqli_connect_errno() function is used to get or return the error code (if any) from the last connect call in procedural style.
Note: The mysqli_prepare() function is used to prepare an SQL statement before its execution on the MySQL database in procedural style, to avoid SQL injection.
Note: The mysqli_stmt_bind_param() function is used to bind variables to a prepared statement as parameters in procedural style.
Note: The mysqli_stmt_execute() function is used to execute a prepared statement on the MySQL database in procedural style.
Note: The mysqli_close() function is used to close an opened connection to the MySQL database in procedural style.
PHP mysqli_stmt_bind_param() Syntax
The syntax of the mysqli_stmt_bind_param() function in PHP is:
mysqli_stmt_bind_param($mysqli_stmt, types, parameters...);
« Previous Tutorial Next Tutorial »