Menu
Community /Pin to ProfileBookmark
@NogDogDec 29.2021 — #Yeah, the implode is going to create a string, and the prepared statement is going to put it into the IN() SQL expression as a single string (that happens to contain comma literals), rather than as multiple discrete values (integers?) separated by commas. If you are confident that
Yeah, since those were the only two place-holders, doing a prepared statement is not necessary in this case. If there is any possibility those IDs could be corrupted, you could apply some sort of "sanitation" to them first, maybe just:
@NogDogDec 29.2021 — #@ginerjm#1641004 Yep. The prepared query would have taken a string like
MySQLAdmin vs Browser
Why won’t this output any results when it’s within a method but when I add it into MySQL it works. I’ve returned the SQL, $t1 and $t2 values which are 33,465,44 for example.
I can’t insert code for some reason so it’s in the HTML tab here
I get rows in mysqladmin and nothing when used in code in my browser. Both are using the same set of data
Sign in
to post a comment7 Comments(s) ↴
0
@NogDogDec 29.2021 — #Yeah, the implode is going to create a string, and the prepared statement is going to put it into the IN() SQL expression as a single string (that happens to contain comma literals), rather than as multiple discrete values (integers?) separated by commas. If you are confident that $teamID$t1$SQL0
@NogDogDec 29.2021 — #>@ginerjm#1641002 just use a straight up query instead of a prepared one?
Yeah, since those were the only two place-holders, doing a prepared statement is not necessary in this case. If there is any possibility those IDs could be corrupted, you could apply some sort of "sanitation" to them first, maybe just:
[code=php]
foreach($teamID as $ix => $id) {
$teamID[$ix] = (int) $id;
}
$t1 = implode(",", $teamID);
[/code]0
@NogDogDec 29.2021 — #"1, 2, 3"WHERE teamID IN ('1, 2, 3')