
PHP MySQL prepared statement in a prepared statement

In modelSlikeVrijednost I have a reference to the model's primary key. ModelSlikeVrijednost can contain a lot of images (depends on the user). I need to delete the folder based on the modelID.

Example of path: /home/mainSite/public_html/site/img/1/1/

Is it possible to do this?

Code:

if ($stmt = $mysqli->prepare("SELECT modelID FROM model WHERE proizvodacID='$id'")) {    
    $stmt->execute();

    $stmt->bind_result($modelID);

    while ($stmt->fetch()) {
        $path="/home/mainSite/public_html/site/img/".$id."/".$modelID."/";

        if ($stmt1 = $mysqli->prepare("SELECT modelSlikeVrijednost FROM modelSlike WHERE modelID='$modelID'")) {    
            $stmt1->execute();

            $stmt1->bind_result($slike);

            while ($stmt1->fetch()) {
                if(is_null($slike)){
                    rmdir($path);
                }
                else{
                    $slikePath="/home/mainSite/public_html/site/".$slike;
                    if($slikePath!=$path){
                        unlink($slikePath);
                    }
                   rmdir($path);
                }
             }

            $stmt1->close();

        }
        else {
            printf("Prepared Statement Error: %s\n", $mysqli->error);
        }
    }

    $stmt->close();

}

I get this error:

Prepared Statement Error: Commands out of sync; you can't run this command now
Prepared Statement Error: Commands out of sync; you can't run this command now
Prepared Statement Error: Commands out of sync; you can't run this command now
Prepared Statement Error: Commands out of sync; you can't run this command now

No, you can't. You need to loop through all the results, close the cursor, or use a separate connection.

However what you are trying to do is better accomplished with a join anyway...

SELECT ms.modelSlikeVrijednost, m.modelID FROM model m, modelSlike ms
WHERE ms.modelID= m.modelID
AND m.proizvodacID ='$id'

This will give you all the information you need in each row.

However, you are also using prepared statements incorrectly. You shouldn't be passing in PHP variables directly; you should be binding them as parameters to the query:

$sql = 'SELECT ms.modelSlikeVrijednost, m.modelID FROM model m, modelSlike ms'
       .' WHERE ms.modelID= m.modelID'
       .' AND m.proizvodacID = ?';

if($stmt = $mysqli->prepare($sql)) {

   // bind the $id to the parameter as an integer
   $stmt->bind_param('i', $id);

   $stmt->execute();

   // bind the fields of the result to the same variables you had before
   $stmt->bind_result($slike, $modelID);

   // less prone to error if we only type this manually once :-)
   $basePath = "/home/mainSite/public_html/site";

   while($stmt->fetch()) {

        $path= $basePath . "/img/".$id."/".$modelID."/";
        $slikePath = $basePath . "/" . $slike;

        if(is_null($slike)){
          rmdir($path);
        } else {
           if($slikePath!=$path) {
              unlink($slikePath);
           }

           rmdir($path);
        }
   }
}
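The other option the answer above mentions, buffering the outer result so the connection is free for the inner statement, as an added example that is not part of either answer. A mysqli prepared statement is unbuffered by default, which is why the nested prepare() fails; store_result() pulls all rows to the client first. The function names, the $siteRoot parameter and the realpath() containment check before unlink() are assumptions added here.

```php
<?php
// Added example. Table and column names are from the question; the function
// names and the $siteRoot parameter are assumptions made for this sketch.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failures throw

// True only when $candidate exists and resolves to a path inside $root.
function isInside(string $root, string $candidate): bool
{
    $rootReal = realpath($root);
    $real     = realpath($candidate); // resolves "../" and symlinks
    return $rootReal !== false && $real !== false
        && strncmp($real, $rootReal . DIRECTORY_SEPARATOR, strlen($rootReal) + 1) === 0;
}

// Returns the number of image files removed for manufacturer $id.
function deleteModelImages(mysqli $mysqli, int $id, string $siteRoot): int
{
    // Prepare both statements before anything is executed.
    $outer = $mysqli->prepare('SELECT modelID FROM model WHERE proizvodacID = ?');
    $inner = $mysqli->prepare('SELECT modelSlikeVrijednost FROM modelSlike WHERE modelID = ?');
    $outer->bind_param('i', $id);
    $inner->bind_param('i', $innerId); // bound by reference, set per iteration

    $outer->execute();
    $outer->store_result(); // buffer all rows client-side; connection is free again
    $outer->bind_result($modelID);
    $removed = 0;
    while ($outer->fetch()) {
        $dir     = "$siteRoot/img/$id/$modelID"; // both parts are integers
        $innerId = $modelID;
        $inner->execute();
        $inner->store_result();
        $inner->bind_result($slike);
        while ($inner->fetch()) {
            $file = "$siteRoot/$slike"; // $slike is stored data: verify before deleting
            // Assumption: a model's images live under its own directory.
            if ($slike !== null && isInside($dir, $file) && is_file($file) && unlink($file)) {
                $removed++;
            }
        }
        $inner->free_result();
        if (is_dir($dir)) {
            rmdir($dir); // succeeds only once the directory is empty
        }
    }
    $outer->close();
    $inner->close();
    return $removed;
}
```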

Do not use the bare mysqli API.
Get yourself a helper class, like safemysql.
Then your code would be:

$models = $db->getCol("SELECT modelID FROM model WHERE proizvodacID=?i", $id);
foreach ($models as $modelID) {
    $path = "/home/mainSite/public_html/site/img/$id/$modelID/";
    $sql  = "SELECT modelSlikeVrijednost FROM modelSlike WHERE modelID=?i";
    $sarr = $db->getCol($sql, $modelID);

    foreach ($sarr as $slike) {
        if (!$slike) {
            rmdir($path);
        } else {
            $slikePath = "/home/mainSite/public_html/site/" . $slike;
            if ($slikePath != $path) {
                unlink($slikePath);
            }
            rmdir($path);
        }
    }
}

But yes, it's better to do it in one query, like prodigitalson said:

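$sql = "SELECT ms.modelSlikeVrijednost, m.modelID FROM model m, modelSlike ms
        WHERE ms.modelID= m.modelID AND m.proizvodacID=?i";
// getAll() rather than getCol(): modelID is needed to build $path
$rows = $db->getAll($sql, $id);
foreach ($rows as $row) {
    $slike = $row['modelSlikeVrijednost'];
    $path  = "/home/mainSite/public_html/site/img/$id/{$row['modelID']}/";
    if (!$slike) {
        rmdir($path);
    } else {
        $slikePath = "/home/mainSite/public_html/site/" . $slike;
        if ($slikePath != $path) {
            unlink($slikePath);
        }
        rmdir($path);
    }
}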

The main idea is to get your data already from the query and then use it.
