CODEWITHSUNDEEP
phpmysqlprepared-statement
atrueresistance
atrueresistance

Reputation: 1368

php prepared statement fails.

I'm guessing I'm missing something, but I can't seem to get this statement to work. When I load it into the page I get the white screen of death.

Here is what I'm trying to get to run

         $statement = $db-> prepare("INSERT INTO `simplyaccomplished`.`blog_comment` (`ID`, `comment`, `date`, `ip_address`, `valid`, `name`, `blogcomment_ID`) VALUES (NULL, ?, NOW(), ?, 0, ?, ? );");
         $statement -> bind_param("sssi",$comment, $ipaddress, $name , $comment_id);
         $statement -> execute($statement);
         $statement -> close();

The weird thing is this runs perfectly

         $query = ("INSERT INTO `simplyaccomplished`.`blog_comment` (`ID`, `comment`, `date`, `ip_address`, `valid`, `name`, `blogcomment_ID`) VALUES (NULL,'$comment' , NOW(), '$ipaddress', '0', '$name', '$comment_id');");
         $result =$db->query($query);

If someone could tell me where I'm going wrong I would greatly appreciate it!

Upvotes: 0

Views: 1306

Answers (2)

KV Prajapati
KV Prajapati

Reputation: 94625

Try mysqli method,

$statement = $db-> prepare("INSERT INTO `simplyaccomplished`.`blog_comment` (`ID`, 
      `comment`, `date`, `ip_address`, `valid`, `name`, `blogcomment_ID`) 
         VALUES (?, ?, ?, ?,?, ?, ?)");
$statement -> bind_param("ssssisi",
         null,$comment,NOW(),$ipaddress, 0,$name , $comment_id);

Take a look at PDO and MySqlI.

Upvotes: 0

Matchu
Matchu

Reputation: 85784

The PDO method you're looking for is named bindParam, not bind_param :)

Upvotes: 3

Related Questions