Sometimes, we want to include a PHP variable inside a MySQL statement
In this article, we’ll look at how to include a PHP variable inside a MySQL statement
How to include a PHP variable inside a MySQL statement?
To include a PHP variable inside a MySQL statement, we can create prepared statements.
For instance, we write
$first_name = "jane";
$last_name = 'smith'
$query = "INSERT INTO contents (first_name, last_name, description)
VALUES(?, ?, 'whatever')";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("ss", $first_name, $last_name);
$stmt->execute();
to call $mysqli->prepare with $query to create a prepared statement from the string.
The ? symbol is the placeholder for the the values
Conclusion
To iterate over an array in JavaScript, we can use the for-of loop or the JavaScript array forEach method.
We call bind_param with the values we want to replace the ? with in the $query string.
"ss" means both placeholders are strings.
Escaping is done automatically to prevent SQL injection.
Finally, we call execute to run the query.
Conclusion
To include a PHP variable inside a MySQL statement, we can create prepared statements.
