MySQL Prepared Statement | Coding Tag

MySQL supports prepared statements.
A prepared statement is used to execute the same statement repeatedly. Parameters, written as "?" placeholders, stand in for the values in a prepared statement.

We create a statement template with placeholders using prepare and send it to the database. This is also known as a parameterized statement.

For example: INSERT INTO tbl_student VALUES(?, ?)
Execute: after the statement is prepared, the application binds values to the parameters and the database executes the statement. The application may execute the statement as many times as it wants with different values.

Step 1: Create a database
Database name: tutorial

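Step 2: Create a connection file. The file name is "connection.php".
<?php
// $sname is the server name
$sname = "localhost";

// $uname is the user name
// (root with an empty password is a local development default;
// use a dedicated least-privilege account anywhere else)
$uname = "root";

// $pwd is the server password
$pwd = "";

// $databasename is the database name
$databasename = "tutorial";

// Create connection
$db_conn = new mysqli($sname, $uname, $pwd, $databasename);

// Check connection (connect_error is set when connecting fails)
if ($db_conn->connect_error) {
    die("Connection failed: " . $db_conn->connect_error);
}
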
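Step 3: PHP page (stu_inf.php)
<?php
include("connection.php");

// Prepare the statement once; each "?" is a parameter placeholder
$qry = $db_conn->prepare("insert into tbl_student(stu_name,stu_rollno) VALUES (?,?)");

// Bind the parameters ("ss" = both values are sent as strings)
$qry->bind_param("ss", $stu_name, $stu_rollno);

// Define the first set of parameters and execute
$stu_name = "Ram";
$stu_rollno = 1;
$qry->execute();

// Define the second set of parameters and execute
$stu_name = "Raja";
$stu_rollno = 2;
$qry->execute();

echo "New records successfully created";

$qry->close();
$db_conn->close();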

Two records are inserted into the table using a prepared statement. In this way we can insert many records with a single prepare.
Although the statement is executed several times, a prepared statement reduces parsing time because the query is prepared only once. With bind_param we bind the parameters, so each execution sends only the parameter values to the server rather than the whole query, which reduces bandwidth.

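SQL injection does not occur through the bound parameters of a prepared statement, because their values are sent separately from the query text and are never parsed as SQL.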
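The difference between a concatenated query and a prepared one, as an added example that is not part of the original tutorial. It assumes PDO with an in-memory SQLite database standing in for the MySQL "tutorial" database so it runs without a server; the function names find_concat and find_prepared and both input strings are constructed for illustration.

```php
<?php
// Added example: in-memory SQLite replaces the MySQL server (assumption),
// the table layout follows tbl_student from the steps above.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE tbl_student (stu_name TEXT, stu_rollno INTEGER)");

// Same pattern as stu_inf.php: prepare once, execute once per record.
$insert = $db->prepare("INSERT INTO tbl_student (stu_name, stu_rollno) VALUES (?, ?)");
foreach ([["Ram", 1], ["Raja", 2]] as $row) {
    $insert->execute($row);
}

// Vulnerable: the value is pasted into the SQL text, so the database
// parses any quotes or keywords it contains as part of the query.
function find_concat(PDO $db, string $name): array
{
    $sql = "SELECT stu_name FROM tbl_student WHERE stu_name = '" . $name . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: the query text is fixed at prepare time; the value is bound
// afterwards and is only ever compared as data.
function find_prepared(PDO $db, string $name): array
{
    $stmt = $db->prepare("SELECT stu_name FROM tbl_student WHERE stu_name = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: one ordinary name, one that contains SQL syntax.
$inputs = ["Ram", "nobody' OR '1'='1"];
foreach ($inputs as $input) {
    printf("input: %s\n", $input);
    printf("  concatenated -> %s\n", json_encode(find_concat($db, $input)));
    printf("  prepared     -> %s\n", json_encode(find_prepared($db, $input)));
}
```

For the second input the concatenated query matches every row in the table, while the prepared query looks for a student literally named that string and finds none. Placeholders bind values only; a table or column name that depends on input has to be checked against a fixed allow-list instead.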
