I'm working on a project where the user inputs a URL like these:
http://localhost/project/read.php?user=user&secretkey=pass&table=customer&order=age&conditions=age%20BETWEEN%20%270%27%20AND%20%2760%27
http://localhost/project/read.php?user=user&secretkey=pass&table=customer&order=age&limit=0,3&conditions=customer_name%20LIKE%20%27J%%27%20AND%20customer_name%20IN%20(%27Joe%27,%27Bob%27)
in the browser window and JSON of the SQL query results is displayed on a .php page.
Our instructor gave us the following code "that will help binding the conditions:"
$revised_conditions = str_replace("%20"," ",$clean_conditions);
$revised_conditions = preg_replace("!'%?[a-zA-Z0-9]+%?'!","?",$revised_conditions);
$conditions_array = preg_match_all("!'(%?[a-zA-Z0-9]+%?)'!", $clean_conditions, $condition_matches, PREG_PATTERN_ORDER);
... and ...
if ($clean_conditions != False) {
$types = "";
foreach ($condition_matches[1] as $c) {
if (preg_match("![0-9\.]+!",$c)) {
$types .= "d";
} else {
$types .= "s";
}
}
$stmt->bind_param($types, ...$condition_matches[1]);
}
Can someone tell me what "binding the conditions" means? I believe it means putting each condition from the URL into a variable. How does the above code do that? How would I implement this code to make it functional?
