0

Here is my problem,

Not using prepared statements I can do it just fine, for example,

    $qry = "SELECT * FROM accounts WHERE email = '$email'";
$result = mysql_query($qry);
$account = mysql_fetch_assoc($result);
echo '<p>Welcome <strong>' . $account['username'] . '</strong>, Have a good day! And dont forgot your id ' . $account['id'] . '.</p>';

Considering an email does match a row on the mysql database, then I can with ease echo any other column where the email matches by simply doing $account['gender'], $account['age'] for example.

I am having alot of trouble doing it OO, here is my attempt; 

$q = $dbc -> prepare ("SELECT * FROM accounts WHERE email = ?");
$q -> bind_param ('s', $email);
$q -> execute();
$q -> bind_result();
$info = $q -> fetch();
echo '<p>Welcome ' . $info['username'] . '.</p>';

Doing it with the first method I can display any information from any column where the email matches for that row, I switched to prepared statements for security, but I am thinking of switching back with the hassle it is causing!

Improve this question
6
  • If you're switching to OO, use PDO rather than Mysqli. Commented Apr 15, 2011 at 18:20
  • And what is your problem? You just say that you have a lot of trouble... but you are not telling us what is happening. Commented Apr 15, 2011 at 18:24
  • I cannot get it to echo any column information at all, I have a database where each row has around 300 columns, naming each of them in the query instead of using *, is too much of a hassle. Commented Apr 15, 2011 at 18:25
  • @Kalessin why would you use PDO? Commented Apr 15, 2011 at 18:28
  • 1
    @Basic: PDO has many advantages over Mysqli, including portability (it can be used with database engines other than MySQL), named placeholders ($dbc->prepare("SELECT * FROM accounts WHERE email = ?") versus $dbc -> prepare ("SELECT * FROM accounts WHERE email = :email")) and returning data as an object, as well as numeric and associative arrays. Commented Apr 15, 2011 at 18:50

2 Answers 2

Reset to default
2

bind_result takes parameters. You pass it the variables you want it to set, then you call fetch.

$q->bind_result($username);
$q->fetch();
echo $username;

For this to work, you need to change SELECT * to the fields you want, ie SELECT username.

If you still need to use SELECT *, you can do this:

$q->execute();
$r = $q->get_result();
while($row = $r->fetch_array(MYSQLI_ASSOC)){
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Good old MySQL extension does not support prepared statements so you must have switched to another extension you don't mention. If it happens to be mysqli, you're out of luck: it only supports associative arrays when you don't use prepared statements.

My advise is to try out PDO. The MySQL driver is stable and it has a great API you can reuse for other DBMS engines.

Improve this answer

1 Comment

Ye mysqli is what I am using, if it doesn't support associative arrays then it is useless to me, PDO it is then, I just wasted my whole day trying to get that to work! Thanks.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.