Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:109203
Return-Path: <levi.morrison@datadoghq.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 98161 invoked from network); 22 Mar 2020 17:04:43 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 22 Mar 2020 17:04:43 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 68ECA1804F3
	for <internals@lists.php.net>; Sun, 22 Mar 2020 08:28:40 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <levi.morrison@datadoghq.com>
Received: from mail-il1-f171.google.com (mail-il1-f171.google.com [209.85.166.171])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun, 22 Mar 2020 08:28:39 -0700 (PDT)
Received: by mail-il1-f171.google.com with SMTP id k29so10773832ilg.0
        for <internals@lists.php.net>; Sun, 22 Mar 2020 08:28:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=datadoghq.com; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=VCK4LdAmFqS5f6GLxjhVPLCXKnRNRYDE9mhMjeNAygI=;
        b=JI6ck9I//vidCUd7WpIBsSL/plghLb81cE7ZRiceG/KryYHYUHAJ2dy8kkPUtTQbJZ
         56J/motyu2LFpSmK8CYd+iQhfsmsNcJDkR9Ouo5m6PGmfabYjicKF0iZroTPHXTED6F+
         uqbeG1gX0awmo9EBIEwBvCoRILA/keN4il8tw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=VCK4LdAmFqS5f6GLxjhVPLCXKnRNRYDE9mhMjeNAygI=;
        b=ivWKPL2+OndiYOLpt5cBHTJ3TGNg/kdjN027okordzNIP9WCf1pAykmJT+J5fcGIwG
         0+d8ZVpf75jIMPP2v5qQkqKysDrH1o2m1UjLfsa+idVNsMURi8wkV+lEgzT4UWK/MuMP
         hUje92aH3kz48pW2zIjfalC3XuQfh4OumDS1ntyAfJh+DQAiOsYJaQU89JESKrFI4K4K
         VFyiZ/V+SaCaFQjq1pjkfB6/Ag5HD+C4c7dhWR/oduWZeRNDdFgnV0gCfUG97tn8wwMO
         YJ0H3iSzEiSdD+TXrsHTA2v5B0Ph/NMRzpDxwJB7fJsb9AFPKteICabXynX4O4+74yKC
         VFVg==
X-Gm-Message-State: ANhLgQ1KdZwNZp2I2xUDKIH3JqpG2aWQ+h+ZO+Y5tCGlB8gWFdhtGjrX
	aBS2bVciH64egh5JKMjMy4ZW4RZtbhkPxPF/F78oEg==
X-Google-Smtp-Source: ADFU+vthOqQwpicj/9jtYRW4z0IZOcXNSopVmfZbBSiT10Un4oxmAihPbR2PF5QGo7ldEnk9yRHnjRRb4QIiRA0dC+c=
X-Received: by 2002:a92:3b1d:: with SMTP id i29mr18006883ila.232.1584890918514;
 Sun, 22 Mar 2020 08:28:38 -0700 (PDT)
MIME-Version: 1.0
References: <3CE6E742-33E9-4686-93C4-2B1DB1E405B7@craigfrancis.co.uk>
In-Reply-To: <3CE6E742-33E9-4686-93C4-2B1DB1E405B7@craigfrancis.co.uk>
Reply-To: Levi Morrison <levi.morrison@datadoghq.com>
Date: Sun, 22 Mar 2020 09:28:27 -0600
Message-ID: <CAAKU0ukCOxNbCa1vdi0NRFcfqsL2190-1_xqLoiwjRSyiWDzhg@mail.gmail.com>
To: Craig Francis <craig@craigfrancis.co.uk>
Cc: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset="UTF-8"
Subject: Re: [PHP-DEV] Making mysqli easier to use with parameters
From: internals@lists.php.net ("Levi Morrison via internals")

> <?php
>
>     $in_sql = implode(',', array_fill(0, count($ids), '?'));
>
>     $sql = 'SELECT id, name FROM user WHERE id IN (' . $in_sql . ')';
>
>     if ($statement = $db->prepare($sql)) {
>
>         $params = [str_repeat('i', count($ids))];
>         foreach ($ids as $key => $value) {
>             $params[] = &$ids[$key]; // Must be a reference, not ideal.
>         }
>         call_user_func_array(array($statement, 'bind_param'), $params);
>
>         $statement->execute();
>
>         $result = $statement->get_result();
>
>         while ($row = mysqli_fetch_assoc($result)) {
>             print_r($row);
>         }
>
>     }
>
> ?>

Written in my email client without error handling code, so apologies
if it's not quite correct:

    $in = join(',', array_fill(0, count($ids), '?'));
    $select = "SELECT id, name FROM user WHERE id IN ({$in});";
    $statement = $mysqli->prepare($select);
    $statement->bind_param(str_repeat('i', count($ids)), ...$ids);
    $statement->execute();

This is part of my [highest score answer on StackOverflow][1].
Critically, applying the ids array as `...` will handle the
by-reference passing.

I don't think we need to improve the ergonmics of mysqli for this case
specifically, as it's always going to require some dynamic SQL
generation because of the variable number of parameters to bind.

  [1]: https://stackoverflow.com/a/23641033/538216