When I am using mysqli_stmt_bind_param($stmt, "sssi", $title, $content, $published_at, $id); function for binding the parameters received through post request, It’s working fine as it returns true and execute successfully, But If I use $title instead of $id in 4th parameters as mysqli_stmt_bind_param($stmt, "sssi", $title, $content, $published_at, $title);, then it should return false because we are binding string type to integer as the $title contains varchar type and for this time, I was using the value of $title as alphabetic characters but instead of returning false because of data-types mismatching, it’s returning true.
I know it won’t update the database as I am passing title instead of id, but I just wanted to know the behavior because it’s returning true for mismatched types also.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$title = $_POST['title'];
$content = $_POST['content'];
$published_at = $_POST['published_at'];
// function to validate empty fields
$errors = validateArticle($title, $content, $published_at);
if (empty($errors)) {
$sql = "UPDATE article
set title = ?,
content = ?,
published_at = ?
WHERE id = ?";
$stmt = mysqli_prepare($conn, $sql);
if ($stmt === false) {
echo mysqli_error($conn);
} else {
if ($published_at == ''){
$published_at = null;
}
// Binding the parameters to prepared query
$check = mysqli_stmt_bind_param($stmt, "sssi", $title, $content, $published_at, $id);
var_dump($check);
if (mysqli_stmt_execute($stmt)) {
print_r("already executed");
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'){
$protocol = 'https';
}else{
$protocol = 'http';
}
// header("Location: {$protocol}://" . $_SERVER['HTTP_HOST'] . "/article.php?id={$id}");
exit;
} else {
echo mysqli_stmt_error($stmt);
}
}
}
}