- PHP Basics
- PHP Home
- PHP Environment Setup
- PHP Getting Started
- PHP Basic Syntax
- PHP echo
- PHP print
- PHP echo Vs print
- PHP Comments
- PHP Data Types
- PHP Variables
- PHP Variable Scope
- PHP gettype()
- PHP Constants
- PHP Operators
- PHP Program Control
- PHP Decision Making
- PHP if-elseif-else
- PHP switch
- PHP Loops
- PHP for Loop
- PHP while Loop
- PHP do-while Loop
- PHP foreach Loop
- PHP break & continue
- PHP Popular Topics
- PHP Arrays
- PHP print_r()
- PHP Strings
- PHP Functions
- PHP References
- PHP Object Oriented
- PHP Object Oriented
- PHP Classes & Objects
- PHP Member Variable
- PHP Member Function
- PHP Encapsulation
- PHP Data Abstraction
- PHP Inheritance
- PHP Constructor Destructor
- PHP Polymorphism
- PHP Web Developments
- PHP Web Developments
- PHP GET & POST
- PHP Read Requested Data
- PHP File Handling (I/O)
- PHP File Handling (I/O)
- PHP fopen() | Open File
- PHP Create a File
- PHP fwrite() | Write to File
- PHP fread() | Read File
- PHP feof()
- PHP fgetc()
- PHP fgets()
- PHP fclose() | Close File
- PHP unlink() | Delete File
- PHP Append to File
- PHP copy() | Copy File
- PHP file_get_contents()
- PHP file_put_contents()
- PHP file_exists()
- PHP filesize()
- PHP rename() | Rename File
- PHP fseek()
- PHP ftell()
- PHP rewind()
- PHP disk_free_space()
- PHP disk_total_space()
- PHP mkdir() | Create Directory
- PHP rmdir() | Remove Directory
- PHP glob() | Get Files/Directories
- PHP basename() | Get filename
- PHP dirname() | Get Path
- PHP filemtime()
- PHP file()
- PHP Advanced
- PHP Cookies
- PHP Sessions
- PHP Send Emails
- PHP Serialization
- PHP Namespaces
- PHP File Upload
- PHP Date and Time
- PHP Image Processing
- PHP Regular Expression
- PHP Predefined Variables
- PHP Error Handling
- PHP Debugging
- PHP and MySQLi Tutorial
- PHP and MySQLi Home
- PHP MySQLi Setup
- PHP MySQLi Create DB
- PHP MySQLi Create Table
- PHP MySQLi Connect to DB
- PHP MySQLi Insert Record
- PHP MySQLi Fetch Record
- PHP MySQLi Update Record
- PHP MySQLi Delete Record
- PHP MySQLi SignUp Page
- PHP MySQLi LogIn Page
- PHP MySQLi Store User Data
- PHP MySQLi Close Connection
- PHP connect_errno
- PHP connect_error
- PHP query()
- PHP fetch_row()
- PHP fetch_assoc()
- PHP fetch_array()
- PHP free_result()
- PHP error
- PHP prepare()
- PHP bind_param()
- PHP execute()
- PHP fetch()
- PHP store_result()
- PHP num_rows
- PHP bind_result()
- PHP get_result()
- PHP mysqli_result Class
- PHP Error Constants
- PHP mysqli_driver()
- PHP Misc
- PHP error_reporting()
- PHP Escape Special Characters
- PHP htmlspecialchars()
- PHP new
- PHP header()
- PHP getallheaders()
- PHP empty()
- PHP isset()
- PHP unset()
- PHP exit()
- PHP exit Vs break
- PHP include()
- PHP require()
- PHP include() Vs require()
- PHP AJAX & XML
- PHP AJAX
- PHP XML
- PHP File Handling Functions
- PHP abs()
- PHP Test
- PHP Online Test
- Give Online Test
- All Test List
PHP query() and mysqli_query()
This article is created to cover the two functions of PHP, that are:
- query()
- mysqli_query()
Both functions are used to perform SQL query against the MySQL database using PHP MySQLi script. The only difference is, the query() uses with PHP MySQLi object-oriented script, whereas the mysqli_query() uses with PHP MySQLi procedural script.
PHP query()
The PHP query() function is used to perform an SQL query against MySQL database, in PHP MySQLi object-oriented style. For example:
<?php $server = "localhost"; $user = "root"; $pass = ""; $db = "codescracker"; $conn = new mysqli($server, $user, $pass, $db); if($conn->connect_errno) { echo "Database connection failed!<BR>"; echo "Reason: ", $conn->connect_error; exit(); } $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES ('Michael', '25', 'michael@xyz.com')"; $qry = $conn->query($sql); if($qry) { echo "Data inserted successfully."; // block of code, to process further } else { echo "Something went wrong!<BR>"; echo "Error Description: ", $conn->error; } $conn->close(); ?>
The output produced by above PHP example on query() function, is shown in the snapshot given below:
Note - The mysqli() is used to open a connection to the MySQL database server, in object-oriented style.
Note - The new keyword is used to create a new object.
Note - The connect_errno is used to get/return the error code (if any) from last connect call, in object-oriented style.
Note - The connect_error is used to get the error description (if any) from last connection, in object-oriented style.
Note - The exit() is used to terminate the execution of the current PHP script.
Note - The error is used to return the description of error (if any), by the most recent function call, in object-oriented style.
Note - The close() is used to close an opened connection, in object-oriented style.
The above example can also be written in this way:
<?php $conn = new mysqli("localhost", "root", "", "codescracker"); if(!$conn->connect_errno) { $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES ('Michael', '25', 'michael@xyz.com')"; if($conn->query($sql)) { echo "Data inserted successfully."; // block of code, to process further } } $conn->close(); ?>
PHP query() Syntax
The syntax of query() function in PHP, is:
connectionVariable -> query(SQLcode, mode)
The mode parameter is optional, and is used to indicate how the result will be returned. The following three values that can be used to define this parameter:
- MYSQLI_STORE_RESULT - This is the default value. Used to return result object with buffered result set
- MYSQLI_USE_RESULT - Used to return result object with un-buffered result set
- MYSQLI_ASYNC - Used not to return result set immediately. The mysqli_poll() function, is then, to get results
PHP mysqli_query()
The PHP mysqli_query() function is used when we need to perform some query against the MySQL database in PHP MySQLi procedural style. For example:
<?php $conn = mysqli_connect("localhost", "root", "", "codescracker"); if(!mysqli_connect_errno()) { $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES ('Olivia', '28', 'codescracker.com@gmail.com')"; if(mysqli_query($conn, $sql)) { echo "Data inserted successfully."; // block of code, to process further } } mysqli_close($conn); ?>
Note - The mysqli_connect() is used to open a connection to the MySQL database server, in procedural style.
Note - The mysqli_connect_errno() is used to get/return the error code (if any) from last connect call, in procedural style.
Note - The mysqli_close() is used to close an opened connection to the MySQL database, in procedural style.
PHP mysqli_query() Syntax
The syntax of mysqli_query() function in PHP, is:
mysqli_query(connectionVariable, SQLcode, mode)
Security Concern While Using query() Or mysqli_query()
While using either query() or mysqli_query(), to execute some query on the database, there are a lot of security concern comes into picture. Therefore we need to make sure, user can not use some malicious code to get into the database. This concern sometime called as SQL injection.
To avoid SQL injection against your database, use parameterized prepared statements, along with filtered parameters. For example:
<?php $conn = new mysqli("localhost", "root", "", "codescracker"); if(!$conn->connect_errno) { $sql = "INSERT INTO `customer`(`name`, `age`, `email`) VALUES (?, ?, ?)"; $qry = $conn->prepare($sql); $qry->bind_param("sis", $name, $age, $email); $name = $conn->real_escape_string("Ethan"); $age = 31; $email = $conn->real_escape_string("ethan@xyz.com"); $qry->execute(); } $conn->close(); ?>
In above example, the "sis" refers to, string integer string, the types of three parameters given to bind_param(), that are $name, $age, and $email.
Note - The prepare() is used to prepare an SQL statement before its execution on the MySQL database, in object-oriented style, to avoid SQL injection.
Note - The bind_param() is used to bind variables to a prepared statement, as parameters, in object-oriented style.
Note - The real_escape_string() is used to escape special characters from a string.
Note - The execute() is used to execute a prepared statement on the MySQL database, in object-oriented style.
« Previous Tutorial Next Tutorial »
Like/Share Us on Facebook 😋