two arrays:
$columns = array('mail', 'phone', 'author', 'title');
$values = array('some mail', 'some phone', 'an author', 'a title');
Is it possible something like this:
$sql = "insert into actual (" . implode(', ', $columns) . ") values (" . implode(', ', $values) . ")";
$st = $db->prepare($sql);
$st->execute(); // line 23
I tried and got a syntax error on line 23.
答案 0 :(得分:1)
To write this as a prepared statement with place holders, you need to repeat ? for each field and then pass the values using bindParam() (assuming mysqli)...
$columns = array('mail', 'phone', 'author', 'title');
$values = array('some mail', 'some phone', 'an author', 'a title');
// Create place holders (need to remove last comma - done in build of SQL)
$valuesPlace = str_repeat("?,", count($values));
$sql = "insert into actual (" . implode(', ', $columns) . ")
values (" . rtrim($valuesPlace, ",") . ")";
$st = $db->prepare($sql);
// Bind a list of string values (big assumption)
$st->bindParam(str_repeat("s", count($values)), ...$values);
$st->execute(); // line 23