I want bind input from user befor add data to database , I wrote this code but I don't know how I complete it
$con=mysqli_connect('localhost', 'root', '', 'user');
$con->set_charset("utf8");
$result = mysqli_query($con,("INSERT INTO users(name, email, user_phone_number, password) VALUES (?,?,?,?)");
$name , $email , $user_phone_number , $password
PDO
bindValue
You don't use mysqli_query()
with prepared statements, you use mysqli_prepare()
.
$stmt = mysqli_prepare($con, "INSERT INTO users(name, email, user_phone_number, password) VALUES (?,?,?,?)");
mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $user_phone_number, $password);
$result = mysqli_stmt_execute($stmt);