connect_error) { die("Connection failed: " . $conn->connect_error); } echo "Connected successfully"; ?>
connect_error) { die("Connection failed: " . $conn->connect_error); } // Prepare and bind $stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)"); $stmt->bind_param("sss", $firstname, $lastname, $email); // Set parameters and execute $firstname = "John"; $lastname = "Doe"; $email = "john@example.com"; $stmt->execute(); echo "New records created successfully"; $stmt->close(); $conn->close(); ?>This example shows how to use prepared statements to insert data into a MySQL database. Prepared statements protect against SQL injection attacks by separating the SQL statement from the user-provided data. Package library: The MySQLi extension provides support for using prepared statements, and no additional packages or libraries are required to use this feature.