I am wanting to build a function to use for doing my mysqli prepared statement queries. To do so I need to by able to to dynamically build the parameters in the $stmt->bind_param() so for instance I could pass in either one or three parameters. What have below doesn't work. Any ideas?

<?php
$mysqli = new mysqli("localhost", "username", "password", "db_name");

if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}

$id = "1";
$password= "Password1";
$values = '$id,$password';

$query = "SELECT userid,email,password FROM user_personal WHERE id = ? and password = ?";

/ prepare statement /
if ($stmt = $mysqli->prepare($query)) {

// I need to be able to build the items in $values dynamically. $params works but $values creates an error.

$params = "is";
$id = "1";
$password= "Password1";
$values = '$id,$password';

$stmt->bind_param($params, $values); 


$stmt->execute(); 

/* bind variables to prepared statement */ 
$stmt->bind_result($col1, $col2, $col3); 

/* fetch values */ 
while ($stmt->fetch()) { 
    printf("%s %s %s\n", $col1, $col2, $col3); 
} 

/* close statement */ 
$stmt->close();

}
/ close connection /
$mysqli->close();

?>

    bind_param($params, $id, $password). Consider putting all the arguments to bind_param() into an array and calling call_user_func_array(). Consider also that what you're wanting to do means that you'd have to do a bunch of mucking around to make sure the prepared statement has enough bound parameters anyway.

      Write a Reply...