Reply to Preprared statements procedural style

Your name:

Reply:


Posted by The Eclectic Electric on 09/25/93 11:56

Hi, I'm teaching myself PHP/MySQL with the Welling/Thomson book and it's
been fun so far. I've got stuck on prepared statements though as the book
sort of abandons it (I guess it wasn't fully formed when it was written).
It's something I'm likely to need so I don't want to skip it and so far my
searches on the internet have drawn a blank.

It seems that the query itself is working fine (it produces the correct
number of results according to the parameters I enter), but the results
aren't populating the variables.

My thanks for any advice you can offer.

+e

My bind_result statement looks like this:

mysqli_stmt_bind_result($stmt, $v_title, $v_author, $v_isbn, $v_price);

The rest of the code is like this:

<html>
<head>
<title>Book-O-Rama Search Results</title>
</head>
<body>
<h1>Book-O-Rama Search Results</h1>
<?php
// create short variable names
$searchtype=$_POST['searchtype'];
$searchterm=$_POST['searchterm'];
$searchterm= trim($searchterm);
if (!$searchtype || !$searchterm)
{
echo 'You have not entered search details. Please go back and try again.';
exit;
}
if (!get_magic_quotes_gpc())
{
$searchtype = addslashes($searchtype);
$searchterm = addslashes($searchterm);
}
@ $db = mysqli_connect('localhost', 'bookorama', 'bookorama123', 'books');
if (mysqli_connect_errno())
{
echo 'Error: Could not connect to database. Please try again later.';
exit;
}
$query = "select * from books where ".$searchtype." like
'%".$searchterm."%'";

$stmt = mysqli_stmt_init ( $db );
//IF ( mysqli_stmt_prepare($stmt, "select * from books where ".$searchtype."
like '%".?."%'") )
IF ( mysqli_stmt_prepare($stmt, $query) )
{
// mysqli_stmt_bind_param($stmt, "s", $searchterm);
mysqli_stmt_execute($stmt);
//

mysqli_stmt_bind_result($stmt, $v_title, $v_author, $v_isbn, $v_price);

while (mysqli_stmt_fetch($stmt))
{

echo '<p><strong>'.($i+1).'. Title: ';
echo htmlspecialchars(stripslashes($v_title));
echo '</strong><br />Author: ';
echo stripslashes($v_author);
echo '<br />ISBN: ';
echo stripslashes($v_isbn);
echo '<br />Price: ';
echo stripslashes($v_price);
echo '</p>';
}

mysqli_stmt_close($stmt);
}
ELSE
{
ECHO 'Gone wrong.';
}

mysqli_close($db);

?>
</body>
</html>

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация