user4429890
Reputation:
Use prepared statements in MySQL-PHP-Code
I'm a newbie so my question is maybe a little bit strange. I'm trying to use prepared statements for the following code:
<?php
require_once(__DIR__.'/config.php');
$value = $_POST["value"];
$ort = $_GET["ort"];
$stmt = $pdo->prepare('SELECT * FROM Suchmaschine WHERE firma = :firma AND ort = :ort');
$stmt->execute(array('firma' => $value, 'ort' => $value));
foreach ($stmt as $row) {
echo "<a href=".$row['link'].">".$row['firma']."</a><br>";
}
?>
I tried some ways, but it doesn't work.
Upvotes: 0
Views: 62
Answers (2)
s27840
Reputation: 477
Firstly this line you are missing : and a wrong variable name, should be:
$stmt->execute(array(':firma' => $value, ':ort' => $ort));
Then you are not fetching the results.
$results = $stmt->fetchAll();
foreach( $results as $row ) {
echo "<a href=".$row['link'].">".$row['firma']."</a><br>";
}
Upvotes: 1
Jonathan Harvey
Reputation: 154
The issue is on the followling line:
$stmt->execute(array('firma' => $value, 'ort' => $value));
should be changed to:
$stmt->execute(array(':firma' => $value, ':ort' => $value));
Please note the addition of the colons prepending the strings passed as the keys to the array passed to the execute statement.
See here: http://php.net/manual/en/pdostatement.execute.php
Upvotes: 0
Related Questions
- How can I prevent SQL injection in PHP?
- How to import an SQL file using the command line in MySQL?
- Deleting an element from an array in PHP
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- MySQL error code: 1175 during UPDATE in MySQL Workbench
- How does PHP 'foreach' actually work?
- Should I use the datetime or timestamp data type in MySQL?
- Why shouldn't I use mysql_* functions in PHP?
- When should I use 'self' over '$this'?
- Which MySQL data type to use for storing boolean values