I am beginning using prepared statements:
($stmt = $db->prepare('SELECT email FROM users WHERE token=?'))
|| fail('MySQL prepare', $db->error);
$stmt->bind_param('s', $token)
|| fail('MySQL bind_param', $db->error);
$stmt->execute()
|| fail('MySQL execute', $db->error);
$stmt->close();
The statement returns an email address, and I was wondering if it is possible to convert the desired email address into a string for further use in PHP? Which is the best way to do this?
Thanks.
$stmt->bind_result($email);
$stmt->fetch();
echo $email;
Very easy... with PDO:
$stmt = $db->prepare('SELECT email FROM users WHERE token=?');
$stmt->execute(array($token));
$desired_string = $stmt->fetchColumn();
note the amount of code required