int mysql_stmt_prepare(MYSQL_STMT *stmt, const char
*stmt_str, unsigned long length)
Given the statement handler returned by
the SQL statement pointed to by the string
stmt_str and returns a status value. The
string length should be given by the
argument. The string must consist of a single SQL statement.
You should not add a terminating semicolon
\g to the
The application can include one or more parameter markers in
the SQL statement by embedding question mark
?) characters into the SQL string at the
The markers are legal only in certain places in SQL
statements. For example, they are permitted in the
VALUES() list of an
INSERT statement (to specify
column values for a row), or in a comparison with a column in
WHERE clause to specify a comparison
value. However, they are not permitted for identifiers (such
as table or column names), or to specify both operands of a
binary operator such as the
= equal sign.
The latter restriction is necessary because it would be
impossible to determine the parameter type. In general,
parameters are legal only in Data Manipulation Language (DML)
statements, and not in Data Definition Language (DDL)
The parameter markers must be bound to application variables
before executing the statement.
Metadata changes to tables or views referred to by prepared statements are detected and cause automatic repreparation of the statement when it is next executed. For more information, see Section 8.10.4, “Caching of Prepared Statements and Stored Programs”.
See the Example in Section 220.127.116.11, “mysql_stmt_execute()”.