Select * from in MySQLi

SELECT * FROM in MySQLi

"SELECT * FROM tablename WHERE field1 = 'value' && field2 = 'value2'";

becomes

"SELECT * FROM tablename WHERE field1 = ? && field2 = ?";

which is passed to the $mysqli::prepare:

$stmt = $mysqli->prepare(
  "SELECT * FROM tablename WHERE field1 = ? && field2 = ?");
$stmt->bind_param( "ss", $value, $value2); 
// "ss' is a format string, each "s" means string
$stmt->execute();
 
$stmt->bind_result($col1, $col2);
// then fetch and close the statement

OP comments:

so if i have 5 parameters, i could potentially have "sssis" or something (depending on the types of inputs?)

Right, one type specifier per ? parameter in the prepared statement, all of them positional (first specifier applies to first ? which is replaced by first actual parameter (which is the second parameter to bind_param)).

MYSQLI - WHERE IN array

Each element needs quotes around it

$list = "'food', 'drink', 'cooking'";
$query = "SELECT * FROM table WHERE stuff IN ($list)";

Or if you had an array

$array = array("food","drink","cooking");
$query = "SELECT * FROM table WHERE stuff IN (".implode(',', $array).")";

Single result from database using mysqli

When just a single result is needed, then no loop should be used. Just fetch the row right away.

  • In case you need to fetch the entire row into associative array:

      $row = $result->fetch_assoc();

  • in case you need just a single value

      $row = $result->fetch_row();
      $value = $row[0] ?? false;

The last example will return the first column from the first returned row, or false if no row was returned. It can be also shortened to a single line,

$value = $result->fetch_row()[0] ?? false;

Below are complete examples for different use cases

Variables to be used in the query

When variables are to be used in the query, then a prepared statement must be used. For example, given we have a variable $id:

$query = "SELECT ssfullname, ssemail FROM userss WHERE id=?";
$stmt = $conn->prepare($query);
$stmt->bind_param("s", $id);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();

// in case you need just a single value
$query = "SELECT count(*) FROM userss WHERE id=?";
$stmt = $conn->prepare($query);
$stmt->bind_param("s", $id);
$stmt->execute();
$result = $stmt->get_result();
$value = $result->fetch_row()[0] ?? false;

The detailed explanation of the above process can be found in my article. As to why you must follow it is explained in this famous question

No variables in the query

In your case, where no variables to be used in the query, you can use the query() method:

$query = "SELECT ssfullname, ssemail FROM userss ORDER BY ssid";
$result = $conn->query($query);
// in case you need an array
$row = $result->fetch_assoc();
// OR in case you need just a single value
$value = $result->fetch_row()[0] ?? false;

By the way, although using raw API while learning is okay, consider using some database abstraction library or at least a helper function in the future:

// using a helper function
$sql = "SELECT email FROM users WHERE id=?";
$value = prepared_select($conn, $sql, [$id])->fetch_row[0] ?? false;

// using a database helper class
$email = $db->getCol("SELECT email FROM users WHERE id=?", [$id]);

As you can see, although a helper function can reduce the amount of code, a class' method could encapsulate all the repetitive code inside, making you to write only meaningful parts - the query, the input parameters and the desired result format (in the form of the method's name).

How to use logical operators in MYSQLI - PHP

SELECT id, name FROM users WHERE id <> $value1 AND email = '$value2'"

<> and != is the same. AND and && is the same. You probably see AND and <> because is the standard in SQL. The issue was the equal operator is = instead of ==.

In the second part of your question, ss is wrong. d is for type double, s is for strings.

$query=$conn->prepare("SELECT id, name from users WHERE id != ? && email = ?");
$query->bind_param('ds', $value1, $value2);
$query->execute();

You can check types on php bind_param function help.

PHP MySQL keep selected option from dropdown menu when menu is select from database

Check whether the post value matches the object id in the loop.

$selcted = $_POST['Objekt'] == $row['Objekt'] ? ' selected' : '';

If it does $selected is set to " selected" and added to the option.

echo "<option value='" . $row['Objekt'] . "'" . $selected . ">" . $row['Objekt'] . "</option>";


Related Topics

Check If PHP-Page Is Accessed from an iOS Device

Pkill -F Doesn't Work for Process Killing

Trying to Access Array Offset on Value of Type Bool in PHP 7.4

Unserialize PHP Array in JavaScript

How to Use "Dependency Injection" in Simple PHP Functions, and Should I Bother

How to Extract Links and Titles from a .HTML Page

Phpmailer Generates PHP Warning: Stream_Socket_Enable_Crypto(): Peer Certificate Did Not Match Expected

Special Characters in PHP/Mysql

Sort an Array by a Child Array's Value in PHP

Prevent Innodb Auto Increment on Duplicate Key

How to Install/Enable the PHP Phar Extension

Execute Commands on Remote MAChine via PHP

Type Hinting - Specify an Array of Objects

Call to a Member Function Fetch() on Boolean

How to Delete a File via PHP

Chaining Static Methods in PHP

Simplest Way to Increment a Date in PHP

Parse a CSS File with PHP


Leave a reply



Submit