bind_param() in MYSQLI
$query="UPDATE student SET class=?,mark=? WHERE id=?";config.php Database connection object $connection is taken from config.php file.
<?Php
require "config.php";// Database connection file.
$class='Three';
$mark=66;
$id=5;
$query="UPDATE student SET class=?,mark=? WHERE id=?";
$stmt = $connection->prepare($query);
if ($stmt) {
$stmt->bind_param('sii', $class, $mark, $id);
$stmt->execute();
echo "Record Updated:";
echo $stmt->affected_rows;
}else{
echo $connection->error;
}
?>
In MySQLi prepared statements, the ? (question mark) is used as a placeholder for each input value in the query. These placeholders are later replaced with actual input values when you bind the parameters using bind_param(), which ensures the input values are safely incorporated into the query, preventing SQL injection and other vulnerabilities.
$stmt->bind_param('sii', $class, $mark, $id);i: Integer , tiny small medium
s: String
d: Double
b: Bolb Procedural style
$class='Three';
$mark=68;
$id=5;
$query="UPDATE student SET class=?,mark=? WHERE id=?";
if ($stmt = mysqli_prepare($connection,$query)){
mysqli_stmt_bind_param($stmt, "sii", $class, $mark, $id);
mysqli_stmt_execute($stmt);
echo "Record Updated:";
echo mysqli_affected_rows($connection);
}else{
echo mysqli_error($connection);
}Bind parameters to a prepared statement as parameter.
Returns True on success and False on failure.Object Oriented Style
$stmt->bind_param('sii', $class, $mark, $id);
Procedural style
mysqli_stmt_bind_param($stmt, "si",$class, $id);
No need to use mysqli_real_escape_string() if you are using bind_param()
MYSQLI Functions
mysql_query() : Apply query to database
Subhendu Mohapatra
Author
🎥 Join me live on YouTubePassionate about coding and teaching, I publish practical tutorials on PHP, Python, JavaScript, SQL, and web development. My goal is to make learning simple, engaging, and project‑oriented with real examples and source code.
Subscribe to our YouTube Channel here
This article is written by plus2net.com team.
https://www.plus2net.com
