Prepared statement not working when binding it with sql functions


id Primary  int(11)         No  None        AUTO_INCREMENT  
creation_date_time  datetime    
exp int(11)


$now = 'now()';
$interval2 = 'now() + Interval 2 day';
$interval1 = 'now() + Interval 1 day';

if($stmt = $conn->prepare("SELECT * FROM xx WHERE creation_date_time >= ? AND creation_date_time <= ? AND creation_date_time > ?")) {
  $stmt->bind_param("sss", $now, $interval2, $interval1);
  $result = $stmt->get_result();

It works without prepared statement.
Why does this not work and is there a need to use prepared statement in this case at all?


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

It doesn’t work because you’re trying to parameterise SQL code, not just a variable value. Therefore it gets treated as text instead of code.

Since you’re not including variable input data in your query, there is no need to use parameters in this case at all.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x