I am trying to use prepared statements to retrieve data from a SQL DB and display them in an HTML table. When executing the code, I receive the error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?' at line 1. Here is my current code:
connection.php
<?php function openConnection() { $dbHost = "localhost"; $dbUser = "user"; $dbPass = "pass"; $db = "db"; $conn = new mysqli($dbHost, $dbUser, $dbPass, $db) or die ("Connect failed: %s\n". $conn -> error); return $conn; } function closeConnection($conn){ $conn -> close(); } ?> index.php
<?php include('./connection.php'); $uid = $_SESSION['myUID']; $conn = openConnection(); $sql = "SELECT * FROM my_table WHERE uid=?"; $stmt = $conn->prepare($sql); $stmt->bind_param('s', $uid); $stmt->execute(); $stmt->store_result(); $stmt->close(); $result = $conn->query($sql) or die($conn->error); ?> <table class="table table-striped"> <thead> <tr> <th scope="col" name="tid">Header 1</th> <th scope="col" name="time">Header 2</th> <th scope="col" name="last_bump">Header 3</th> <th scope="col" name="options">Header 4</th> </tr> </thead> <tbody> <?php while($row = $result->fetch_assoc()){ echo "<tr>"; echo "<td>" . $row['tid'] . "</td>"; echo "<td>" . $row['time'] . "</td>"; echo "<td>" . updateTime() . "</td>"; echo "<td><button type='submit' class='btn btn-primary btn-sm'>Edit</button> <button type='submit' class='btn btn-danger btn-sm'>Delete</button></td>"; echo "</tr>"; } ?> </tbody> </table> If I remove the prepared statements and replace the ? with an actual value in the SELECT query, it works as intended. What am I doing incorrect here?
https://stackoverflow.com/questions/67052171/error-in-sql-syntax-near-when-using-prepared-statement April 12, 2021 at 11:06AM
没有评论:
发表评论