Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //Queries will generally be of this structure->"SELECT * FROM Users WHERE Id ?"
- function fetchAssocPreparedStatements($query , $arg , $type) {
- $servername = "xxx";
- $username = "xxx";
- $password = "xxx";
- $dbname = "xxx";
- $conn = mysqli_connect($servername, $username, $password, $dbname);
- if ($conn->connect_error) {
- exit("An error occurred");
- }
- $arg = trim($arg); //try to sanatize
- $arg = stripslashes($arg);
- $arg = htmlspecialchars($arg);
- $arg = preg_replace("/[^a-z0-9-]+/i", "", $arg); //now using preg_replace
- $stmt = mysqli_stmt_init($conn); //prepare and execute statement
- mysqli_stmt_prepare($stmt, $query);
- mysqli_stmt_bind_param($stmt, $type, $arg);
- mysqli_stmt_execute($stmt);
- $meta = $stmt->result_metadata(); //create assoc array with data
- while ($field = $meta->fetch_field()) {
- $var = $field->name;
- $$var = null;
- $parameters[$field->name] = &$$var;
- }
- call_user_func_array(array($stmt, "bind_result"), $parameters);
- $copy = create_function('$a', 'return $a;');
- $results = array();
- while ($stmt->fetch()) {
- $results[] = array_map($copy, $parameters);
- }
- return $results; //returns results and closes the connections
- mysqli_stmt_close($stmt);
- mysqli_close($conn);
- }
Add Comment
Please, Sign In to add comment