Note: The API for prepared statements is still subject to revision. This information is provided for early adopters, but please be aware that the API may change.
The functions available for prepared statement processing are summarized here and described in greater detail in a later section. See C API Prepared statement functions.
Function | Description |
mysql_bind_param() | Associates application data buffers with the parameter markers in a prepared SQL statement. |
mysql_bind_result() | Associates application data buffers with columns in the result set. |
mysql_execute() | Executes the prepared statement. |
mysql_fetch() | Fetches the next row of data from the result set and returns data for all bound columns. |
mysql_fetch_column() | Fetch data for one column of the current row of the result set. |
mysql_get_metadata() | Returns prepared statement metadata in the form of a result set. |
mysql_param_count() | Returns the number of parameters in a prepared SQL statement. |
mysql_param_result() | Return parameter metadata in the form of a result set. |
mysql_prepare() | Prepares an SQL string for execution. |
mysql_send_long_data() | Sends long data in chunks to server. |
mysql_stmt_affected_rows() | Returns the number of rows changes, deleted, or inserted by the last UPDATE, DELETE, or INSERT query. |
mysql_stmt_close() | Frees memory used by prepared statement. |
mysql_stmt_data_seek() | Seeks to an arbitrary row number in a statement result set. |
mysql_stmt_errno() | Returns the error number for the last statement execution. |
mysql_stmt_error() | Returns the error message for the last statement execution. |
mysql_stmt_free_result() | Free the resources allocated to the statement handle. |
mysql_stmt_num_rows() | Returns total rows from the statement buffered result set. |
mysql_stmt_reset() | Reset the statement buffers in the server. |
mysql_stmt_row_seek() | Seeks to a row offset in a statement result set, using value returned from mysql_stmt_row_tell(). |
mysql_stmt_row_tell() | Returns the statement row cursor position. |
mysql_stmt_sqlstate() | Returns the SQLSTATE error code for the last statement execution. |
mysql_stmt_store_result() | Retrieves the complete result set to the client. |
Call mysql_prepare() to prepare and initialize the statement handle, mysql_bind_param() to supply the parameter data, and mysql_execute() to execute the query. You can repeat the mysql_execute() by changing parameter values in the respective buffers supplied through mysql_bind_param().
If the query is a SELECT statement or any other query that produces a result set, mysql_prepare() will also return the result set metadata information in the form of a MYSQL_RES result set through mysql_get_metadata().
You can supply the result buffers using mysql_bind_result(), so that the mysql_fetch() will automatically return data to these buffers. This is row-by-row fetching.
You can also send the text or binary data in chunks to server using mysql_send_long_data(), by specifying the option is_long_data=1 or length=MYSQL_LONG_DATA or -2 in the MYSQL_BIND structure supplied with mysql_bind_param().
When statement execution has been completed, the statement handle must be closed using mysql_stmt_close() so that all resources associated with it can be freed.
If you obtained a SELECT statement's result set metadata by calling mysql_get_metadata(), you should also free it using mysql_free_result().
To prepare and execute a statement, an application follows these steps:
Call mysql_prepare() and pass it a string containing the SQL statement. For a successful prepare operation, mysql_prepare() returns a valid statement handle to the application.
If the query produces a result set, call mysql_get_metadata() to obtain the result set metadata. This metadata is itself in the form of result set, albeit a separate one from the one that contains the rows returned by the query. The metadata result set indicates how many columns are in the result and contains information about each column.
Set the values of any parameters using mysql_bind_param(). All parameters must be set. Otherwise, query execution will return an error or produce unexpected results.
Call mysql_execute() to execute the statement.
If the query produces a result set, bind the data buffers to use for retrieving the row values by calling mysql_bind_result().
Fetch the data into the buffers row by row by calling mysql_fetch() repeatedly until no more rows are found.
Repeat steps 3 through 6 as necessary, by changing the parameter values and re-executing the statement.
When mysql_prepare() is called, the MySQL client/server protocol performs these actions:
The server parses the query and sends the OK status back to the client by assigning a statement ID. It also sends total number of parameters, a column count, and its meta information if it is a result set oriented query. All syntax and semantics of the query are checked by the server during this call.
The client uses this statement ID for the further operations, so that the server can identify the statement from among its pool of statements. The client also allocates a statement handle with this ID and returns the handle to the application.
When mysql_execute() is called, the MySQL client/server protocol performs these actions:
The client uses the statement handle and sends the parameter data to the server.
The server identifies the statement using the ID provided by the client, replaces the parameter markers with the newly supplied data, and executes the query. If the query produces a result set, the server sends the data back to the client. Otherwise, it sends an OK status and total number of rows changed, deleted, or inserted.
When mysql_fetch() is called, the MySQL client/server protocol performs these actions:
The client reads the data from the packet row by row and places it into the application data buffers by doing the necessary conversions. If the application buffer type is same as that of the field type returned from the server, the conversions are straightforward.
You can get the statement error code, error message, and SQLSTATE value using mysql_stmt_errno(), mysql_stmt_error(), and mysql_stmt_sqlstate(), respectively.