mysqli::prepare

mysqli_prepare

(PHP 5, PHP 7, PHP 8)

mysqli::prepare -- mysqli_preparePrepares an SQL statement for execution

Description

Object-oriented style

public mysqli::prepare(string $query): mysqli_stmt|false

Procedural style

mysqli_prepare(mysqli $mysql, string $query): mysqli_stmt|false

Prepares the SQL query, and returns a statement handle to be used for further operations on the statement. The query must consist of a single SQL statement.

The statement template can contain zero or more question mark (?) parameter markers⁠—also called placeholders. The parameter markers must be bound to application variables using mysqli_stmt_bind_param() before executing the statement.

Parameters

mysql

Procedural style only: A mysqli object returned by mysqli_connect() or mysqli_init()

query

The query, as a string. It must consist of a single SQL statement.

The SQL statement may contain zero or more parameter markers represented by question mark (?) characters at the appropriate positions.

Note:

The markers are legal only in certain places in SQL statements. For example, they are permitted in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not permitted for identifiers (such as table or column names).

Return Values

mysqli_prepare() returns a statement object or false if an error occurred.

Examples

Example #1 mysqli::prepare() example

Object-oriented style

<?php

mysqli_report(MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT);
$mysqli = new mysqli("localhost""my_user""my_password""world");

$city "Amersfoort";

/* create a prepared statement */
$stmt $mysqli->prepare("SELECT District FROM City WHERE Name=?");

/* bind parameters for markers */
$stmt->bind_param("s"$city);

/* execute query */
$stmt->execute();

/* bind result variables */
$stmt->bind_result($district);

/* fetch value */
$stmt->fetch();

printf("%s is in district %s\n"$city$district);

Procedural style

<?php

mysqli_report(MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT);
$link mysqli_connect("localhost""my_user""my_password""world");

$city "Amersfoort";

/* create a prepared statement */
$stmt mysqli_prepare($link"SELECT District FROM City WHERE Name=?");

/* bind parameters for markers */
mysqli_stmt_bind_param($stmt"s"$city);

/* execute query */
mysqli_stmt_execute($stmt);

/* bind result variables */
mysqli_stmt_bind_result($stmt$district);

/* fetch value */
mysqli_stmt_fetch($stmt);

printf("%s is in district %s\n"$city$district);

The above examples will output:

Amersfoort is in district Utrecht

See Also