Questions tagged [prepared-statement]

A Prepared Statement (or parameterized statement) is a precompiled SQL statement that serves to improve performance and mitigate SQL injection attacks. Prepared statements are used in many popular Relational Database Management Systems.

Prepared statements separate data binding from execution. Separating statement preparation from execution can be more efficient for statements that are executed multiple times, because the preparation phase need be done only once. For example, if you need to insert a bunch of rows, you can prepare an INSERT statement once and then execute it repeatedly, binding successive row values to it for each execution. A prepared statement can contain placeholders to indicate where data values should appear. After you prepare the statement, bind specific values to the placeholders (either before or at statement-execution time), then substitute the values into the statement before sending it to the database server.


6193 questions
2 votes, 5 answers

Update int column using a variable in php

I am using the following query $abilityPts = xxx; $statement = $conn->prepare('UPDATE players SET ability = (ability + $abilityPts) WHERE id = :myPlayerId'); However it is giving me an error: $abilityPts column not found. How can I resolve this…
Muhammad Umar · 11,391 · 21 · 91 · 193
2 votes, 3 answers

How to use quotations in SQL statement with MySQLi Prepared Statements in PHP?

I am using prepared statements to perform a SELECT query to my database, however the nature of the SQL syntax is causing a problem with MySQLi. When I attempt to prepare: SELECT user_id FROM Users WHERE email='?'; I am getting an error Warning:…
TheKarateKid · 772 · 11 · 19
2 votes, 3 answers

MySQL Prepared Statements vs Stored Procedures Performance

I have an old MySQL 4.1 database with a table that has a few million rows and an old Java application that connects to this database and returns several thousand rows from this table on a frequent basis via a simple SQL query (i.e. SELECT *…
2 votes, 1 answer

Java PreparedStatement Delete Query: Show Number of Rows Deleted?

I have a PreparedStatement with a MySQL query that deletes rows based on a timestamp criteria. Is it possible to pull out how many rows were deleted from that same delete prepared statement or would I have to run a separate query to get the number…
Ronnie Dove · 107 · 1 · 3 · 9
2 votes, 4 answers

JDBC - prepareStatement - How should I use it?

I saw this example somewhere: rs = connection.prepareStatement("select * from table").executeQuery(); Could I use this format, if I want to execute a query like this "Select * from table where column = "hello" "? The way in which I usually use…
cc. · 5,533 · 14 · 37 · 46
2 votes, 2 answers

Difference between the both parameter assignment

Actually I have a doubt, so please clear it. I have 2 lines that do the same work, see below 1. cmd.Parameters.AddWithValue("@UserName",objBELUserDetails.UserName); 2. cmd.Parameters.Add("@UserName",SqlDbType.Nvarchar,50). …
Gaurav · 557 · 4 · 11 · 28
2 votes, 4 answers

mysql prepared statements & html purifier couple concept

Hi, I am at the prototype stage with my site. After I asked this question on this site and after extra reading I concluded to use mysql prepared statements. With my new way of thinking I want to be sure that I understood the things correctly so my 2…
2 votes, 1 answer

Custom mysqli prepare function

I'm doing my first own database class at the moment and currently I'm doing the prepare function. What this function does is to take in an SQL-query and then an array containing the variables for the statement. I'm having problems with binding the…
William Boman · 2,079 · 5 · 26 · 39
2 votes, 1 answer

how to insert multiple choices accessing the same ref Id on each choice of checkbox

I have tables called user and category where I insert values in both tables at the same time. But in the category table I insert different categories using 6 checkboxes of different choices which are being accessed by one name. But the problem is…
Humphrey · 2,659 · 3 · 28 · 38
2 votes, 0 answers

Using IN operator with multiple values

I am having a problem with the IN Operator I tried running this query public Cursor getFoodToAvoid(String[] diseases){ String value=""; for(int i=0; i
2 votes, 3 answers

Java app hangs after calling PreparedStatement (against SQL Server DB)

I'm trying to get to grips with a Java app that talks to a SQL Server 2008 R2 DB. The app imports data into the DB, and it has a 'test mode'; the DB requests are wrapped up in a transaction, which is rolled back at the end. With a particular…
CJM · 11,908 · 20 · 77 · 115
2 votes, 1 answer

PHP SQLSRV Sorting with Parameter of Prepared Statement

I can't figure out why sorting will work as long as I'm not using $sort as a passed in parameter. Example below will work for sorting: $sort = "quantity desc"; $sql = " with items as ( SELECT…
2 votes, 1 answer

Undefined Index on $_GET variable, it's set but still doesn't work?

I am redirecting from here Update and code which shows error is
Shashi · 474 · 6 · 21
2 votes, 4 answers

java - Multiple update statements in MySql

So I have software which basically downloads 1.5K game server addresses from my MySQL db. It then pings all of them and then uploads the information such as online players back to the database. The process looks like this: Download server…
Krimson · 7,386 · 11 · 60 · 97
2 votes, 3 answers

Rollback batch execution when using jdbc with autocommit=true

I'm using JDBC, with autocommit=true. In one of the operations, I'm doing batch inserts, using prepared statements. public void executeBatchInsert(String query, List entityList) { try { pstmt =…
Teja · 341 · 2 · 7 · 18