How would I rewrite this SQL as a prepared statement using PHP?
SELECT *
FROM `user_groups`
WHERE `group_name` IN ("'.implode('","',$arrayOfGroupNames).'")
I’ve tried using [arrayOfGroupNames => $arrayOfGroupNames] as the second argument for the prepared statement but this doesn’t work.
>Solution :
using named place holders (PDO)
$arrayOfGroupNames = array_combine($arrayOfGroupNames, $arrayOfGroupNames);
$statement = 'SELECT * FROM `user_groups` WHERE `group_name` in(:'.implode(', :',array_keys($arrayOfGroupNames)).')';
using ?? (PDO/mysqli)
$statement = 'SELECT * FROM `user_groups` WHERE `group_name` in('.trim(str_repeat(', ?', count($arrayOfGroupNames)), ', ').')';