Prepared statements

Wizzurizz · Post by **Wizzurizz** » Thu Aug 09, 2012 6:49 am

Hello all,

I Just re-joined this forum after time travel without my lap Big mistake!...

Now I'm back to working on my skills in writting code and I have a problem with some Prepared statements i'm trying to use..

function AddUser($user, $pass){
        //$user = mysql_real_escape_string(htmlentities($user));
        //$pass = sha1($pass);
                
        $mysql = new mysqli('localhost', 'user', 'pass', 'dbname') or die('Could not Connect to Databse');
        
        $stmt = $mysql->prepare("INSERT INTO `users` (`user_username`, `user_password`) VALUES (:username, :password)") or die('There is a problem with the query.');
        $stmt->bindparam(':username', $user);
        $stmt->bindparam(':password', $pass);
        $stmt->execute();
       
    }

I can't get this query to work, and to me it looks just like the one on http://php.net/manual/en/pdo.prepared-statements.php

If you know something about prepared startements please show me the way

Best regards
Wizz

Post by **jacek** » Sun Aug 12, 2012 12:21 am

Welcome back

Your mixing PDO and mysqli, try this example http://uk.php.net/manual/en/mysqli-stmt.bind-param.php

BetterPHP

Prepared statements

Prepared statements

Re: Prepared statements