Long story short, I've gotten this far:
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s",$_GET['slug']);
But I'm completely confused on how to get the result into an associative array. I tried
$stmt = $mysqli->prepare($sql);
$result = $stmt->bind_param("s",$_GET['slug']);
while ($row = $result->fetch_assoc()) {
printf ("%s (%s)
", $row["website_name"], $row["subheading"]);
}
I don't think I could use $mysqli->query($query)
instead of a prepared statement, 'cause that seems like it would leave me open to SQL Injection attacks. Yet, that's the bit of code used in the PHP documentation for doing what I want to do. So I can't find anything that shows how to take the results of a prepared statement and move it into an associative array. Does anyone know? Is it even possible?