I'm trying to turn the below query into a prepared statement, but I'm having no luck so far. I've attached one of my attempts. The idea is I'm using this to check how many rows are returned using mysqli_num_rows afterward.
$sql2=mysqli_query($bd, "SELECT address FROM member WHERE address='".$address."'");
This is my attempt at creating a prepared statement.
$ustmt = $bd->prepare("SELECT username FROM member WHERE username = ?");
$sql2 = $ustmt->execute();
Is this correct? And if so, how do I then check the number of rows returned into $sql2 ?
Best How To :
Yes, your preparation and execution is correct.
The execute call returns a
boolean value, which will be
true if successful else
$stmt->error property will be set with error message).
This is worth checking before continuing, cause if its false, there will be no result.
Same with the preparation, if the
$mysqli->prepare(...) call returns false, the
$mysqli->error will be set with the error message.
After execution, you can fetch the number of affected rows by either the
$num_rows property, in case its a
SELECT statement, or the
$affected_rows property in other cases.
Or, you can fetch the
mysqli_result object from the statement with the
mysqli_result object contains the public field
$num_rows, so you can check row count by:
$res = $stmt->get_result();
For other methods in the
mysqli_result object, i recommend checking the docs.