Submit a Pull Request Report a Bug

    mysqli::prepare

    mysqli_prepare

    (PHP 5, PHP 7, PHP 8)

    mysqli::prepare -- mysqli_preparePrepares an SQL statement for execution

    Description

    Object-oriented style

    public mysqli::prepare(string $query): mysqli_stmt|false

    Procedural style

    mysqli_prepare(mysqli $mysql, string $query): mysqli_stmt|false

    Prepares the SQL query, and returns a statement handle to be used for further operations on the statement. The query must consist of a single SQL statement.

    The statement template can contain zero or more question mark (?) parameter markers⁠—also called placeholders. The parameter markers must be bound to application variables using mysqli_stmt_bind_param() before executing the statement.

    Parameters

    mysql

    Procedural style only: A mysqli object returned by mysqli_connect() or mysqli_init()

    query

    The query, as a string. It must consist of a single SQL statement.

    The SQL statement may contain zero or more parameter markers represented by question mark (?) characters at the appropriate positions.

    Note:

    The markers are legal only in certain places in SQL statements. For example, they are permitted in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not permitted for identifiers (such as table or column names).

    Return Values

    mysqli_prepare() returns a statement object or false if an error occurred.

    Errors/Exceptions

    If mysqli error reporting is enabled (MYSQLI_REPORT_ERROR) and the requested operation fails, a warning is generated. If, in addition, the mode is set to MYSQLI_REPORT_STRICT, a mysqli_sql_exception is thrown instead.

    Examples

    Example #1 mysqli::prepare() example

    Object-oriented style

    <?php

    mysqli_report    (MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $mysqli = new mysqli("localhost", "my_user", "my_password", "world");

    $city = "Amersfoort";

    /* create a prepared statement */
    $stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?");

    /* bind parameters for markers */
    $stmt->bind_param("s", $city);

    /* execute query */
    $stmt->execute();

    /* bind result variables */
    $stmt->bind_result($district);

    /* fetch value */
    $stmt->fetch();

    printf("%s is in district %s\n", $city, $district);

    Procedural style

    <?php

    mysqli_report    (MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $link = mysqli_connect("localhost", "my_user", "my_password", "world");

    $city = "Amersfoort";

    /* create a prepared statement */
    $stmt = mysqli_prepare($link, "SELECT District FROM City WHERE Name=?");

    /* bind parameters for markers */
    mysqli_stmt_bind_param($stmt, "s", $city);

    /* execute query */
    mysqli_stmt_execute($stmt);

    /* bind result variables */
    mysqli_stmt_bind_result($stmt, $district);

    /* fetch value */
    mysqli_stmt_fetch($stmt);

    printf("%s is in district %s\n", $city, $district);

    The above examples will output:

    Amersfoort is in district Utrecht

    See Also

    add a note

    User Contributed Notes

    There are no user contributed notes for this page.
    To Top