$resultSpendStmt = $connection->prepare(...); $array->bind_param("sdidi", $A, $B, $C, $D, $E); $array->execute(); $array->store_result(); $array->bind_result($F, $G, $H, $I, $J, $K);
I am still a little unsure what bind_param does. Can someone give me an example as to what is means?
When you prepare an SQL statement, you can insert a placeholder (
?) where a column value would go, then use
bind_param() to safely substitute that placeholder for the real column’s value. This prevents any possibility of an SQL injection.