php - Mysqli Prepared Statement Troubleshooting -
i'm stumped, had working in plain mysqli statements, told avoid injection write using prepared statements. truncate thing seems work. advice?
$con=mysqli_connect(localhost,"username","password","db"); // check connection if (mysqli_connect_errno()) { echo "failed connect mysql: " . mysqli_connect_error(); } $deletetable = $con->prepare('truncate table twitch_streams'); $deletetable->execute(); $deletetable->close(); $result = $con->prepare("select field_value xf_user_field_value field_id = 'twitch' , field_value != ''"); $result->bind_result($twitchfield); while($result->fetch()) { printf("%s\n", $twitchfield); $username[] = $twitchfield; $data = json_decode(file_get_contents('http://api.justin.tv/api/stream/l ist.json?channel=' . $username[0])); $viewer[] = $data[0]->channel_count; $insert = $con->prepare("insert twitch_streams (twitchuser, viewercount) values (?, ?)"); $insert->bind_param('si', $twitchuser, $viewercount); $twitchuser = $username[0]; $viewercount = $viewer[0]; $insert->execute(); echo $twitchuser; echo $viewercount; $insert->close(); } $result->close();$deletetable = $con->prepare('truncate table twitch_streams'); $deletetable->execute(); $deletetable->close(); $result = $con->prepare("select field_value xf_user_field_value field_id = twitch , field_value != ''"); $result->bind_result($twitchfield); while($result->fetch()) { printf("%s\n", $twitchfield); $username[] = $twitchfield; $data = json_decode(file_get_contents('http://api.justin.tv/api/stream/l ist.json? channel=' . $username[0])); $viewer[] = $data[0]->channel_count; $insert = $con->prepare("insert twitch_streams (twitchuser, viewercount) values (?, ?)"); $insert = bind_param('si', $twitchuser, $viewercount); $twitchuser = $username[0]; $viewercount = $viewer[0]; $insert->execute(); echo $twitchuser; echo $viewercount; $insert->close(); } $result->close(); mysqli_close($con);
there no function bind_param(), method of mysqli_stmt
you use so:
$insert->bind_param()
check here more information on mysqli_stmt
Comments
Post a Comment