When I'm using SQL select statements with prepared statements code works fine and display content when I'm run that in my computer localhost using WAMP server.
But when I'm upload this code to my web hosting. No any result display or no any error display.But without prepared statement code works fine in the web hosting and display results. here is my codes with and without prepared statements. Please tell me why that happens?
Here is my code:
<?php
for($i=0;$i <$count; $i++){
require('connection.php');
$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset ?");
$stmt->bind_param('s', $id);
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows > 0) {
while($row = $result-> fetch_assoc()){
$pst_content = $row['content'];
$author = $row['commentator'];
if($i==0){
echo '<div class="item active">';
echo ' <blockquote>';
echo '<div class="row">';
echo '<div class="col-sm-12">';
echo " <p style='color:#a07936'>$pst_content</p>";
echo "<small>$author</small>";
echo ' </div>';
echo ' </div>';
echo ' </blockquote>';
echo ' </div>';
}else{
echo '<div class="item">';
echo ' <blockquote>';
echo '<div class="row">';
echo '<div class="col-sm-12">';
echo " <p style='color:#a07936'>$pst_content</p>";
echo "<small>$author</small>";
echo ' </div>';
echo ' </div>';
echo ' </blockquote>';
echo ' </div>';
}
}
}
}
?>
Code according to Procedural style.Your table column as follows? commentator ,Content? then,
<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s
", mysqli_connect_error());
exit();
}
for($i=0;$i <$count; $i++){
if ($stmt = mysqli_prepare($link, "SELECT commentator,content FROM comment WHERE status = 'Approved' limit 1 offset ?")) {
/* bind parameters for markers */
mysqli_stmt_bind_param($stmt, "s", $i);
/* execute query */
mysqli_stmt_execute($stmt);
/* bind result variables */
mysqli_stmt_bind_result($stmt,$cmnt,$cont);
/* fetch value */
mysqli_stmt_fetch($stmt);
$pst_content = $cont;
$author = $cmnt;
if($i==0){
echo '<div class="item active">';
echo ' <blockquote>';
echo '<div class="row">';
echo '<div class="col-sm-12">';
echo " <p style='color:#a07936'>$pst_content</p>";
echo "<small>$author</small>";
echo ' </div>';
echo ' </div>';
echo ' </blockquote>';
echo ' </div>';
}else{
echo '<div class="item">';
echo ' <blockquote>';
echo '<div class="row">';
echo '<div class="col-sm-12">';
echo " <p style='color:#a07936'>$pst_content</p>";
echo "<small>$author</small>";
echo ' </div>';
echo ' </div>';
echo ' </blockquote>';
echo ' </div>';
}
/* close statement */
mysqli_stmt_close($stmt);
}
}
/* close connection */
mysqli_close($link);
?>
Read this: http://php.net/manual/en/mysqli.prepare.php
http://php.net/manual/en/pdostatement.bindparam.php
$stmt->bind_param('s', $id);
You are trying to bind $id to "s", but you are using a ? in your query.
try
$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset ?");
$stmt->bind_param(1, $id);
or better
$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset :id");
$stmt->bind_param(':id', $id);
Since you are using bind_param() with a named parameter, it should also be named in the query :
$stmt = $connection->prepare("SELECT * FROM comment WHERE status = 'Approved' limit 1 offset :s");
$stmt->bind_param('s', $id);
Of course your $id variable should be defined and hold a meaningful value for the offset clause.