Love2c0de Posted May 6, 2013 Share Posted May 6, 2013 (edited) Good evening, I am trying to create a user profile system on my website. I have the ability to register and login fine. I've hard coded a dummy profile into the profiles table. The way in which I am going to retrieve the profile data is by matching the users username in both tables. At the moment my query is returning all of the members in the user table and all of the profile information in the other table - profiles. This is my query: $stmt = $conn->prepare("SELECT * FROM users LEFT JOIN profiles ON users.? = profiles.username") or die("Error: ".mysqli_error($conn)); Not sure if the way I am going about it is the correct way either so any advice and guidance is greatly received. Kind regards, L2c. Edited May 6, 2013 by Love2c0de Quote Link to comment https://forums.phpfreaks.com/topic/277721-prepared-query-join-problems/ Share on other sites More sharing options...
Love2c0de Posted May 6, 2013 Author Share Posted May 6, 2013 Oh, this seems to have fixed it: $stmt = $conn->prepare("SELECT * FROM users,profiles WHERE users.username AND profiles.username = ?") or die("Error: ".mysqli_error($conn)); Regards, L2c. Quote Link to comment https://forums.phpfreaks.com/topic/277721-prepared-query-join-problems/#findComment-1428683 Share on other sites More sharing options...
jcbones Posted May 6, 2013 Share Posted May 6, 2013 I know it is fixed, but just would like to note that you cannot bind parameters to column names nor table names in prepared statements. Note: The markers are legal only in certain places in SQL statements. For example, they are allowed in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not allowed for identifiers (such as table or column names), in the select list that names the columns to be returned by a SELECT statement, or to specify both operands of a binary operator such as the = equal sign. The latter restriction is necessary because it would be impossible to determine the parameter type. It's not allowed to compare marker with NULL by ? IS NULL too. In general, parameters are legal only in Data Manipulation Language (DML) statements, and not in Data Definition Language (DDL) statements. Quote Link to comment https://forums.phpfreaks.com/topic/277721-prepared-query-join-problems/#findComment-1428693 Share on other sites More sharing options...
kicken Posted May 7, 2013 Share Posted May 7, 2013 This is my query: $stmt = $conn->prepare("SELECT * FROM users LEFT JOIN profiles ON users.? = profiles.username") or die("Error: ".mysqli_error($conn)); The proper way to code that query would be this: SELECT * FROM users LEFT JOIN profiles ON users.username=profiles.username WHERE users.username=? Then you bind the username you want to search for as the value for the ? parameter. Quote Link to comment https://forums.phpfreaks.com/topic/277721-prepared-query-join-problems/#findComment-1428766 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.