I have a SQL statement that includes a UNION that I can't get to work when I bind the parameters. (I am binding the parameters to prevent SQL injection.)
Does anybody have any suggestion on how I can use a SQL statement that includes a UNION and bind the params?
Code would be something like this:
$sql=" SELECT DISTINCT cp.model_code, p.product_code, cp.model_desc, cp.eur_na, '2005' calendar_year, cp.volume, \
FROM calendar_product cp, product p
WHERE cp.calendar_year = '$calYear' AND cp.eur_na = '$region' AND cp.model_code = '$modelCode'
AND p.product_code = cp.product_code
UNION SELECT cp.model_code, '' product_code, cp.model_desc, cp.eur_na, '2005' calendar_year,
FROM calendar_product cp, model m
WHERE cp.model_code = m.model_code AND cp.calendar_year(+) = '$calYear' AND cp.eur_na = '$region' AND cp.model_code = '$modelCode'
AND cp.product_code = 'VEHL' ";
$sth = $dbh->prepare($sql);
$sth->bind_param( 1, $calYear );
$sth->bind_param( 2, $region );
$sth->bind_param( 3, $modelCode );
$sth->execute;