How to perform UPDATE with mysqli->prepare?

Question

As I know there is a way to input data into a mysql database with mysqli, where you do not have to use mysql_real_escape_string. I mean like this:

$stmt = $mysqli->prepare("INSERT INTO CountryLanguage VALUES (?, ?, ?, ?)");  
$stmt->bind_param('sssd', "something", "something2", "something3", "123");

Now my question: Can you do the same with UPDATE instead of INSERT? What would the expression look like? Would it look like the following:

$stmt = $mysqli->prepare("UPDATE CountryLanguage SET some = ?, some2 = ?, some3 = ?, some4 = ?"); 
$stmt->bind_param('sssd', "something", "something2", "something3", "123");`

Thanks for your help.

@jajouka check http://www.php.net/manual/en/mysqli-stmt.bind-param.php which explains it (string, string, string, double) — craniumonempty, Apr 07 '12 at 11:29

score 22 · Accepted Answer · answered Mar 19 '11 at 12:36

22

It would look the same, but don't forget the WHERE. Your example is correct.

answered Mar 19 '11 at 12:36

Jon

428,835
81
738
806

Thank you! Yes, I didnt put the WHERE in my example. – phpheini Mar 19 '11 at 12:37

How to perform UPDATE with mysqli->prepare?

1 Answers1