[nycphp-talk] mysqli exception problem
Michael Southwell
michael.southwell at nyphp.com
Mon Nov 5 17:16:37 EST 2007
I have a mysqli script which works perfectly except when I try to force
an exception
by using a test attacking parameter. I can't get an exception thrown
even though I also
don't get any output. The docs say the prepared statement must be a
single statement, and of course
this is not. But why don't I get an exception here?
...
$param = "red;DELETE FROM wines";
try {
if ( ! $query = $demo -> prepare( 'SELECT name FROM wines WHERE color
= ?' ) ) throw new Exception ( "can't select from wines: " . $demo ->
error );
if ( ! $query -> bind_param( 's', $param ) ) throw new Exception (
"can't bind parameter: " . $demo -> mysqli_error );
if ( ! $query -> execute() ) throw new Exception ( "can't execute
query: " . $demo -> mysqli_error );
...
--
=================
Michael Southwell
Vice President, Education
NYPHP TRAINING: http://nyphp.com/Training/Indepth
More information about the talk
mailing list