Jump to content
Larry Ullman's Book Forums

Conversion of 2 queries on the same page to Prepared Statement


Recommended Posts

Please can anybody help, I am trying to convert one Insert query and one select query to prepared statement but I was  stuck on the way. 

No.1 below is the original code that I want to convert to prepared statement, 

No.2 is the one that I am working but get stucked


No.1

   
    
        $insert_customer = "insert into customers 
                            (customer_name,customer_email,customer_pass,
                            customer_country,customer_city,customer_contact,
                            customer_address,customer_image,customer_ip) 
                    values ('$c_name','$c_email','$c_pass','$c_country',
                            '$c_city','$c_contact','$c_address',
                            '$c_image','$c_ip')";
        $run_customer = mysqli_query($dbc,$insert_customer);
        $sel_cart = "select * from cart where ip_add='$c_ip'";
        $run_cart = mysqli_query($cdbc,$sel_cart);
        $check_cart = mysqli_num_rows($run_cart);
    
        if($check_cart>0){
        
            /// If register have items in cart ///
            $_SESSION['customer_email']=$c_email;
            echo "<script>alert('You have been Registered Sucessfully')</script>";
            echo "<script>window.open('checkout.php','_self')</script>";
        
        }else{
        
            /// If register without items in cart ///
            $_SESSION['customer_email']=$c_email;
            echo "<script>alert('You have been Registered Sucessfully')</script>";
            echo "<script>window.open('index.php','_self')</script>";
        }
    }
    ?>

2 here is the prepared statement I am working on but get stucked. I just want to know how to combine the two queries together
    
   .
            
            $insert_customer = "INSERT INTO customers 
                            (customer_name,customer_email,customer_pass,
                            customer_country,customer_city,customer_contact,
                            customer_address,customer_image,customer_ip) 
                        VALUES (?,?,?,?,?,?,?,?,?)";
            // Prepare the statement:
            $stmt = mysqli_prepare($dbc,  $insert_customer);

            // Bind the variables:
            mysqli_stmt_bind_param($stmt, 'ssssssssi',
                                        $c_name,$c_email,$c_pass,
                                        $c_country,$c_city,$c_contact,
                                        $c_address,$c_image,$c_ip);

            $sel_cart = "select * from cart where ip_add=?";
            $stmt = mysqli_prepare($cdbc,$sel_cart);
            // Bind the variables:
            mysqli_stmt_bind_param($stmt,'i',$c_ip);
            // Execute the query:
            mysqli_stmt_execute($stmt);
            
            if (mysqli_stmt_affected_rows($stmt) == 1) {
                /// If register have items in cart ///
                $_SESSION['customer_email']=$c_email;
                echo "<script>alert('You have been Registered Sucessfully')</script>";
                echo "<script>window.open('checkout.php','_self')</script>";
            }else{
                /// If register without items in cart ///
                $_SESSION['customer_email']=$c_email;
                echo "<script>alert('You have been Registered Sucessfully')</script>";
                echo "<script>window.open('index.php','_self')</script>";
            }
        }
    }
    ?>

Link to comment
Share on other sites

I'm not sure what you mean by "combine the two queries together" as one is an INSERT and another is a SELECT. They cannot be combined into one. But from the looks of it what I think you should be doing is executing the INSERT query, then checking for affected rows, then executing the SELECT query.

Also, separately, it's pretty weird to print out JavaScript like you're doing as opposed to just redirecting the browser directly within PHP.

Link to comment
Share on other sites

 Share

×
×
  • Create New...