MySQLi prepared statement with dynamic update query

I'm busy changing from normal mysql_queries to prepared statements, now I found a function that generated a dynamic query based on how many fields were not empty.

I managed to convert it so it runs each field as a separate query, but is there a way to put all these queries into one query without converting to PDO ?

public function edit($ticket_id, $department_id = '', $location_id = '', $ticketcat_id = '', $ticketsta_id = '',
                     $ticketmed_id = '', $ticketpri_id = '', $ticket_assigned = '', $ticket_plandate = '', 
                     $ticket_user_name = '', $ticket_user_email = '', $ticket_user_phone = '', $ticket_subject = '') {

            $data = array(
            array('field' => 'department_id', 'value' => $department_id, 'type' => 'i'),
            array('field' => 'location_id', 'value' => $location_id, 'type' => 'i'),
            array('field' => 'ticketcat_id', 'value' => $ticketcat_id, 'type' => 'i'),
            array('field' => 'ticketsta_id', 'value' => $ticketsta_id, 'type' => 'i'),
            array('field' => 'ticketmed_id', 'value' => $ticketmed_id, 'type' => 'i'),
            array('field' => 'ticketpri_id', 'value' => $ticketpri_id, 'type' => 'i'),
            array('field' => 'ticket_assigned', 'value' => $ticket_assigned, 'type' => 'i'),
            array(开发者_Go百科'field' => 'ticket_plandate', 'value' => $ticket_plandate, 'type' => 's'),
            array('field' => 'ticket_user_name', 'value' => $ticket_user_name, 'type' => 's'),
            array('field' => 'ticket_user_email', 'value' => $ticket_user_email, 'type' => 's'),
            array('field' => 'ticket_user_phone', 'value' => $ticket_user_phone, 'type' => 's'),
            array('field' => 'ticket_subject', 'value' => $ticket_subject, 'type' => 's')
            );

            foreach($data as $id => $data_) {
                IF(empty($data_['value'])) unset($data[$id]);
            }

            IF(count($data) > 0) {

                $errors = false;
                $query = 'UPDATE tickets SET ';
                foreach($data as $id => $values) {
                    $query2 = $query.$values['field'].' = ? WHERE ticket_id = ? ';
                    echo $query2.'<br />';
                    IF($stmt = $this->db->prepare($query2)) {                    
                        $types = $values['type'].'i';
                        $stmt->bind_param($types, $values['value'], $ticket_id);

                        IF(!($stmt->execute())) {
                            $errors = true;
                        }
                        $stmt->close();
                    }
                }

                IF(!$errors) {
                    $this->db->commit();
                    return true;
                }

                return false;
            }
        }

---

The trick is to construct an array that contains the parameters that you want to bind, then with the help of call_user_func_array, you can pass this array to bind_param.

See http://www.php.net/manual/en/function.call-user-func-array.php for details on call_user_func_array.

Your code can be something like:

    $para_type="";
    /* $para is the array that later passed into bind_param */
    $para=array($para_type);
    $query = 'UPDATE tickets SET ';

    IF(count($data) != 0) {
        /* Looping all values */

        foreach($data as $k=>$d) {
            $query .= '`'.$d['field'].'` = ? ,';

            $para_type .=$d['type'];

            $para[] = &$data[$k]['value'];
        }

        /* removing last comma */
        $query[(strlen($query)-2)] = '';

        /* adding where */
        $query .= ' WHERE `ticket_id` = ?';
        $para_type .= 'i';
        $para[]=&$ticket_id;

        call_user_func_array(array($stmt, 'bind_param'), $para);

        return true;
    }

Notice the & in front of all parameters, it is required by bind_param.

Another way which I think is better is to use PDO. It takes named parameter and can do incremental bind.