Home/ Questions/Q 8047159
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T06:00:54+00:00

I have an old mysql code which worked correctly in the application: $query =

  • 0

I have an old mysql code which worked correctly in the application:

  $query = "
SELECT * FROM Tutor t  
WHERE 
(t.Tutorusername = '".mysql_real_escape_string($tutorusername)."')
AND
(t.Tutorpassword = '".mysql_real_escape_string($tutorpassword)."')
";


$num = mysql_num_rows($result = mysql_query($query));


while($row = mysql_fetch_array($result))
  {

  ...

}

But I now wnat to change from Mysql and instead use mysqli. My question is that is the mysqli code below exactly correct and the same equivalent to the mysql code above?

$query = $mysqli->prepare("
    SELECT * FROM Tutor t  
    WHERE 
    (t.Tutorusername = '".mysqli_real_escape_string($tutorusername)."')
    AND
    (t.Tutorpassword = '".mysqli_real_escape_string($tutorpassword)."')
    ");

    $query->bind_result($Tutor);

    $num = $query->num_rows($result = $query->execute());


    while($row = $result->fetch())
      {

...

}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    No need to use preapre() here because you are concatenating the sql string.

    $sql="SELECT * FROM Tutor t
        WHERE 
        t.Tutorusername='".mysqli_real_escape_string($tutorusername)."'
        AND 
        t.Tutorpassword = '".mysqli_real_escape_string($tutorpassword)."'");

$result=$mysqli->query($sql);
if($result)
{
 $row=$result->fetch_row();
 if($row)
    print_r($row);
}

    For prepare() method you have to specify the parameters:

      $sql="SELECT * FROM Tutor t 
          WHERE t.Tutorusername=? AND t.Tutorpassword=?";

   $stmt=$mysqli->prepare($sql);
   $stmt->bind_param("s",$tutorusername);
   $stmt->bind_param("s",$tutorpassword);

   $stmt->execute(); 

   //I presume that the table "T" has three columns
   $stmt->bind_result($col1,$col2,$col2);
   while($stmt->fetch())
   {
     echo "<br/>", $col1,$col2,$col3;
    }

    PS: Read PHP manual for mysqli API.

    • 0