PHP SQL Query string concatenation with MySQLi prepared statement -


what correct syntax concatenating strings , variables in php mysqli prepared statements?

the code have right this:

        if ($test_stmt2=$mysqli->prepare("update friends set friendslist=friendslist+','+? friendsuserid=? ")) { //insert userid , frienduserid friends table                $test_stmt2->bind_param('si', $friendid, $userid); //bind parameters (friend user id, own user id)                $test_stmt2->execute(); //execute prepared query                echo "success";         } 

basically, want string in friendslist column, add comma it, add variable string ($friendid) cell in friends table.

it seems need sql concatentation.

however, shouldn't use purpose. database structure deadly sin against holy normal form.

please, not store comma-separated values in database cell. create distinct table store corresponding values.

userid | friendid      1 |        2      1 |        3      1 |        5      5 |        1      5 |        2      2 |       10 

this way need regular insert query this:

insert friendslist set friendid = ?, userid = ?  

it save a lot of hair in near future


Comments

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

gcc - Calling fftR4() in c from assembly -

.htaccess - Matching full URL in RewriteCond -