ansaurus

Question

returning statement created by mysqli_stmt_bind_param

Answer 1

+2 A:

According to this answer, it is indeed impossible to get the final generated statement (which is horrible!), but maybe mysqli_report as shown in this question can help you debug your query.

Pekka 2010-03-28 00:23:23

Answer 2

+2 A:

Prepared statements created by mysqli_prepare() are server-side prepared statements.
When you execute such a prepared statement only the statement id and the parameters are transferred, not some query string as if you would replace the placeholders by the actual parameters (on the client-side, i.e. your php script).
But you can see the result in the general log of the MySQL server, see Prepared Statement Logging

edit: in your case the preparation of the statement fails because desc is a reserved keyword.
For a list of keywords and how to use them as identifiers (if necessary) see http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html

$q = '
  INSERT INTO
    `event`
    (
      `cityid`, `name`, `desc`, `date`,
      `expdate`, `mintix`, `maxtix`,
      `contactname`, `contactemail`, `contactphone`
    )
  VALUES
    (
      ?,?,?,?,
      ?,?,?,
      ?,?,?
    )
';

if ( false===($stmt=mysqli_prepare($dblink, $q)) ) {
  /* 
    in production-code you might not want to reveal
    the error string to each and every user
    ...but for this example and for debugging purposes:
  */
  die('mysqli_prepare failed: '.htmlspecialchars(mysqli_error($dblink)));
}

$rc = mysqli_stmt_bind_param(
  $stmt,
  "issssiisss",
  $city,$name,$desc,$date,
  $expdate,$mintix,$maxtix,
  $contactname,$contactemail,$contactphone
);
if ( false===$rc ) {
  die('mysqli_stmt_bind_param failed: '.htmlspecialchars(mysqli_stmt_error($stmt)));
}


if ( false===mysqli_stmt_execute($stmt) ) {
  die('mysqli_stmt_execute failed: '.htmlspecialchars(mysqli_stmt_error($stmt)));
}

mysqli_stmt_close($stmt);

VolkerK 2010-03-28 01:10:44

Ahh, so *that's* the reason why neither mysql nor PDO support this properly. Thanks.

Pekka 2010-03-28 17:06:22

PDO can do both server-side and client-side (emulated) prepared statements (PDO::ATTR_EMULATE_PREPARES). In the latter case it _would be_ possible to print a query string though it doesn't seem to be exposed.

VolkerK 2010-03-28 17:47:36

I thought I've used desc as column name before, but I was wrong. I am surprised phpMyAdmin let me use it. I just tried changing it and phpMyAdmin displayed an error. It still managed to change it and now everything is working.Thanks for all those ways to catch errors. That's really useful. Didn't realize all those were possible.

bigmac 2010-03-28 18:03:50

ansaurus

tags:

views:

answers:

returning statement created by mysqli_stmt_bind_param

related questions