MySQL + SQL · Lesson 102
Prepared Statements in MySQL
What is a Prepared Statement?
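A prepared statement sends the SQL structure and the values separately: the statement text contains placeholders (?), and the values are supplied when the statement is executed. The database treats those values strictly as data, never as SQL, which prevents SQL injection through them. Because the statement is parsed once, repeated executions are also faster.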
In MySQL
PREPARE stmt FROM 'SELECT * FROM students WHERE marks > ?';
SET @m = 80;
EXECUTE stmt USING @m;
DEALLOCATE PREPARE stmt;
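The difference between binding a value and concatenating it, shown as an added example in MySQL (not part of the original lesson). The temporary students table, its rows, the statement names weak and safe, and the @input value are all constructed for illustration.

```sql
-- Constructed sample data; the table follows the lesson's students(name, marks) layout.
CREATE TEMPORARY TABLE students (
  id    INT AUTO_INCREMENT PRIMARY KEY,
  name  VARCHAR(50) NOT NULL,
  marks INT NOT NULL
);
INSERT INTO students (name, marks) VALUES ('Aman', 88), ('Riya', 72), ('Karan', 95);

-- Constructed untrusted input: a value that contains quote characters and SQL keywords.
SET @input = 'nobody'' OR ''1''=''1';

-- WEAK: the value is concatenated into the statement text before PREPARE.
-- The server parses the input as part of the SQL, so its OR clause becomes
-- part of the WHERE condition. Using PREPARE by itself gives no protection.
SET @sql = CONCAT('SELECT name, marks FROM students WHERE name = ''', @input, '''');
PREPARE weak FROM @sql;
EXECUTE weak;
DEALLOCATE PREPARE weak;

-- CORRECT: the statement text is a fixed literal with a ? placeholder.
-- The value is bound at EXECUTE time and compared against name as one
-- string, quotes and keywords included; it is never parsed as SQL.
PREPARE safe FROM 'SELECT name, marks FROM students WHERE name = ?';
EXECUTE safe USING @input;

-- The same parsed statement is reused with a different value.
SET @input = 'Aman';
EXECUTE safe USING @input;
DEALLOCATE PREPARE safe;
```

Placeholders stand in for values only. Table and column names cannot be bound with ?, so any identifier that varies has to be chosen from a fixed allow-list rather than taken from input.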
In PHP (PDO)
$stmt = $pdo->prepare("INSERT INTO students(name, marks) VALUES(?, ?)");
$stmt->execute(["Aman", 88]);
Summary
- Prepared statements separate SQL from values using placeholders (?).
- They prevent SQL injection and speed up repeated queries.