Linked Questions

Popular Questions

So using prepared statements and bound parameters is the suggested way for writing sql statements. Oci8 manual does not describe how to do it with prepared statements.

Below is how to return the next row from a query as an object, but it's not the best practice as the query string can contain a where col = $PHPvariable

<?php

    $conn = oci_connect('hr', 'welcome', 'localhost/XE');
    if (!$conn) {
        $e = oci_error();
        trigger_error(htmlentities($e['message'], ENT_QUOTES), E_USER_ERROR);
    }

    $select_sql= oci_parse($conn, 'SELECT id, description FROM mytab');
    oci_execute($select_sql);

    while (($row = oci_fetch_object($select_sql)) != false) {
        // Use upper case attribute names for each standard Oracle column
        echo $row->ID . "<br>\n";
        echo $row->DESCRIPTION . "<br>\n"; 
    }

    oci_free_statement($stid);
    oci_close($conn);

    ?>

Related Questions