NYCPHP Meetup

NYPHP.org

[nycphp-talk] mysqli exception problem

Michael Southwell michael.southwell at nyphp.com
Mon Nov 5 17:16:37 EST 2007


I have a mysqli script which works perfectly except when I try to force 
an exception
by using a test attacking parameter. I can't get an exception thrown 
even though I also
don't get any output. The docs say the prepared statement must be a 
single statement, and of course
this is not. But why don't I get an exception here?

...
$param = "red;DELETE FROM wines";
try {
   if ( ! $query = $demo -> prepare( 'SELECT name FROM wines WHERE color 
= ?' ) ) throw new Exception ( "can't select from wines: " . $demo -> 
error );
   if ( ! $query -> bind_param( 's', $param ) ) throw new Exception ( 
"can't bind parameter: " . $demo -> mysqli_error );
   if ( ! $query -> execute() ) throw new Exception ( "can't execute 
query: " . $demo -> mysqli_error );
...

-- 
=================
Michael Southwell
Vice President, Education
NYPHP TRAINING:  http://nyphp.com/Training/Indepth



More information about the talk mailing list