Prepared statement not working when binding it with sql functions

Schema

id Primary  int(11)         No  None        AUTO_INCREMENT  
creation_date_time  datetime    
exp int(11)

Code

$now = 'now()';
$interval2 = 'now() + Interval 2 day';
$interval1 = 'now() + Interval 1 day';

if($stmt = $conn->prepare("SELECT * FROM xx WHERE creation_date_time >= ? AND creation_date_time <= ? AND creation_date_time > ?")) {
  $stmt->bind_param("sss", $now, $interval2, $interval1);
  $stmt->execute();
  $result = $stmt->get_result();
  print_r($result);
}

It works without prepared statement.
Why does this not work and is there a need to use prepared statement in this case at all?

Answers:


Method 1

It doesn’t work because you’re trying to parameterise SQL code, not just a variable value. Therefore it gets treated as text instead of code.

Since you’re not including variable input data in your query, there is no need to use parameters in this case at all.
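The difference the answer describes, as an added example that is not part of the original question or answer. It assumes PDO with an in-memory SQLite database so it runs without a server, and SQLite's datetime('now', ...) stands in for MySQL's now() + Interval; the function names and sample rows are constructed for illustration. In MySQL the working form has the same shape: the function stays in the query text, as in NOW() + INTERVAL ? DAY, and only the day count is bound as an integer.

```php
<?php
// Added example: in-memory SQLite stands in for the MySQL table `xx`.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE xx (id INTEGER PRIMARY KEY AUTOINCREMENT, creation_date_time TEXT, exp INTEGER)');

// Constructed sample rows: 12 hours, 36 hours and 3 days from now.
foreach (['+12 hours', '+36 hours', '+3 days'] as $offset) {
    $ins = $db->prepare("INSERT INTO xx (creation_date_time, exp) VALUES (datetime('now', ?), 0)");
    $ins->execute([$offset]);
}

// Pattern from the question: SQL expressions passed as bound values.
// The driver sends them as plain strings, so they are compared as text.
function rowsWithBoundExpressions(PDO $db): array
{
    $stmt = $db->prepare(
        'SELECT id FROM xx WHERE creation_date_time >= ? AND creation_date_time <= ? AND creation_date_time > ?'
    );
    $stmt->execute(["datetime('now')", "datetime('now', '+2 days')", "datetime('now', '+1 days')"]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Working pattern: functions live in the SQL text, placeholders carry only data.
function rowsWithBoundValues(PDO $db, int $minDays, int $maxDays): array
{
    $stmt = $db->prepare(
        "SELECT id FROM xx
          WHERE creation_date_time >= datetime('now')
            AND creation_date_time <= datetime('now', ?)
            AND creation_date_time >  datetime('now', ?)"
    );
    // The bound strings are arguments to datetime(), not SQL code.
    $stmt->execute(["+$maxDays days", "+$minDays days"]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

var_dump(rowsWithBoundExpressions($db));
var_dump(rowsWithBoundValues($db, 1, 2));
```

The first call returns no rows because each placeholder is compared as a literal string, while the second returns only the row dated 36 hours ahead.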


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
