0

i have a funktion that is suposed to make it easy to make prepared sql querys

here is the function

    function preparedConnection($stmt,$param){ 
    $dbUsername= 'root';
    $dbPassword='';
    $dbip = 'localhost';
    $db = '129393';

    $conn = new mysqli($dbip, $dbUsername, $dbPassword, $db);
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }
    echo $stmt."<br>";
    $stmt_db = $conn->prepare($stmt);
    echo $param;
    $stmt_db->bind_param($param);


    $stmt_db->execute();
    $stmt_db->close();
    $conn->close();
    exit();
}

here is how i use it

       $stmt = "INSERT INTO task_times (task_id, login_id, title, description,
    used_fixed_price_per_hour ,used_discount_percent, used_price_type) VALUES (?, ?, ?, ?, ?, ?, ?)";

    $param = "'iissiii', $task_id , $login_id, '$title', '$description', $used_fixed_price_per_hour, $used_discount_percent, $used_price_type";

    $db->preparedConnection($stmt,$param);

but i does not accept vaiables that are string eny help?

Improve this question
3
  • what you are trying here with $param just doesn't work. You cannot pass multiple arguments wrapped in a single string.. Commented Apr 16, 2019 at 9:08
  • and there is not a hack for this ? Commented Apr 16, 2019 at 9:11
  • 2
    either make $param an array and use things like call_user_func_array to call bind_param; or use PDO where you can pass in an array as params Commented Apr 16, 2019 at 9:11

1 Answer 1

Reset to default
1

You need to pass each parameter to bind_param() individually.

A possible solution that gives you a bit more flexibility than hardcoding it, would be to use array unpacking: You pass an array with all individual values and unpack it where you need it:

$param = [
    'iissiii',
    $task_id,
    $login_id,
    // etc.
];

And in your function:

$stmt_db->bind_param(...$param);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.