mysqld bind_param

on 21.11.2007 13:34:59 by steffen haugk

Hi there,
I would like to do a bind_param; the problem is I don't know the names
of the fields in advance, or in fact how many fields I will be setting.

Look at this example code (from
hp>)

$stmt = $mysqli->prepare("INSERT INTO CountryLanguage VALUES (?, ?, ?, ?)");
$stmt->bind_param('sssd', $code, $language, $official, $percent);

I can build the prepare string alright, but what about the second line?

Of course I can build up the actual SQL query string like so:

$stmt = "INSERT INTO CountryLanguage VALUES (".$code.", ".$language.",".$official.", ".$percent.")";

Because of SQL injection that doesn't seem to be a good idea. What
should I do?

Cheers, Steffen


--

I'm trying a new usenet client for Mac, Nemo OS X.
You can download it at http://www.malcom-mac.com/nemo
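
One way to bind a variable number of fields, as an added example that is not part of the original post: the placeholder list and the type string are generated from the same array, and the values are unpacked into bind_param. It assumes PHP 7.1 or later; the column names and their type letters in `ALLOWED_COLUMNS` and the helper names `build_insert` and `insert_row` are assumptions made for illustration.

```php
<?php
// Added example, not from the original post. Assumes PHP 7.1+ and mysqli.

// Hypothetical allow-list: column name => bind_param type letter.
// Identifiers cannot be bound as parameters, so column names are checked
// against this fixed list instead of being taken from input.
const ALLOWED_COLUMNS = [
    'CountryCode' => 's',
    'Language'    => 's',
    'IsOfficial'  => 's',
    'Percentage'  => 'd',
];

// Returns [sql, types, values] for an INSERT covering only the given columns.
function build_insert(array $row): array
{
    if ($row === []) {
        throw new InvalidArgumentException('No columns given');
    }
    $cols = [];
    $types = '';
    $values = [];
    foreach ($row as $col => $value) {
        if (!array_key_exists($col, ALLOWED_COLUMNS)) {
            throw new InvalidArgumentException('Unknown column');
        }
        $cols[] = '`' . $col . '`';
        $types .= ALLOWED_COLUMNS[$col];
        $values[] = $value;
    }
    $marks = implode(', ', array_fill(0, count($cols), '?'));
    $sql = 'INSERT INTO CountryLanguage (' . implode(', ', $cols) . ") VALUES ($marks)";
    return [$sql, $types, $values];
}

function insert_row(mysqli $mysqli, array $row): void
{
    [$sql, $types, $values] = build_insert($row);
    $stmt = $mysqli->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $mysqli->error);
    }
    // One type letter per value; the splat passes each array element by reference.
    $stmt->bind_param($types, ...$values);
    if (!$stmt->execute()) {
        throw new RuntimeException('execute failed: ' . $stmt->error);
    }
    $stmt->close();
}
```

Calling `insert_row($mysqli, ['CountryCode' => $code, 'Language' => $language])` prepares a two-placeholder statement and binds both values with the type string `ss`.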