On Mon, Nov 25, 2019 at 8:06 PM Joel Hutchinson
<[email protected]> wrote:
> This proposal would leave the previous mysqli_stmt_bind_param mostly
> untouched. Instead, the two could be used in tandem
> $sql = 'SELECT name FROM db.customer WHERE record_id = ? AND shipping_zip =
> ?';
> if(isset($_GET['zip'])) $sql .= ' AND billing_zip = ?';
>
> $stmt = $db->prepare($sql);
> $stmt->bind_param('is', $_GET['record_id'], $_GET['shipping_zip']);
> if(isset($_GET['zip'])) $stmt->bind_single('s', $_GET['billing_zip'], 3);
> $stmt->execute();
> This necessitates a small change to mysqli_stmt_bind_param, in that the
> current function has a parameter check to ensure that the number of binds
> matches the number of parameters in the query (or else it emits an
> E_WARNING). That check would have to move to mysqli_stmt_execute, if it is
> still to be performed.
If `bind_param` is allowed to do incomplete bind (as in your example
where you supply 2 out of 3 required bound parameters) t
hen there's no need for additional method, as you could simply do:
if (isset($_GET['zip'])) $stmt->bind_param('s', $_GET['zip']);
--
Best regards,
Bruce Weirdan mailto:[email protected]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
