I am very new to prepared statements.
This is my code:
<?php
$getImages=$db->prepare("SELECT * FROM header_image_arabic");
$getImages->bind_param('s', '$images');
$getImages->execute();
$getImages->bind_result($returned_images);
while($img=$returned_images->fetch_object()){
?>
This is the error:
Fatal error: Cannot pass parameter 2 by reference in C:\wamp\www\arabia\admin\includes\pan\imageHeader.php on line 22`
What does this error mean?
There are number of things wrong here.
'$images' is a string containing 7 characters. You want to pass the variable to bind_param, not a string.
$getImages->bind_param('s', $images);
Also, what exactly are you trying to bind to here? There are no placeholders (question marks) in your query. You can just use $db->query() here. You only need to "prepare" a query when you are filling in data.
$getImages = $db->query('SELECT * FROM header_image_arabic');
if($getImages === FALSE){
die($db->error);
}
while($img = $getImages->fetch_object()){
}
Another thing is the line: $getImages->bind_result($returned_images);. bind_result is used to bind to the fields in the query. You can't use that here, since you are doing SELECT *. (Also, fetch_object and bind_result cannot be used together. You need to use get_result (which only works with the mysqlnd driver) to be able to use fetch_object.)
So, if you wanted to use "prepared statements", it would look something like this:
$getImages = $db->prepare("SELECT image_id FROM header_image_arabic WHERE name = ?");
$getImages->bind_param('s', $images);
$getImages->execute();
$getImages->bind_result($returned_images);
while($getImages->fetch()){
// This will get updated each iteration
echo $returned_images;
}
Or like this (requires mysqlnd driver):
$getImages = $db->prepare("SELECT * FROM header_image_arabic WHERE name = ?");
$getImages->bind_param('s', $images);
$getImages->execute();
$result = $getImages->get_result();
while($img = $result->fetch_object()){
echo $img->image_id;
}