
I built an API that returns a query result.

The request looks like this:

/getSingersJson.php?test=144,138

It receives a list of ids, which is turned into a query like this:

SELECT * FROM mv_data WHERE idx IN (144,138);

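I prepared the statement as below:

// $mysqli is assumed to be an open mysqli connection (not shown in the post)
$artist_list = $_GET['test'];
$stmt = $mysqli->prepare("SELECT * FROM mv_data WHERE idx IN (?)");
// the whole list, e.g. "144,138", is bound as one string value
$stmt->bind_param("s", $artist_list);
$stmt->execute();
$result = $stmt->get_result();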

The problem is when I request "/getSingersJson.php?test=144", it returns 27 rows.

But when I request "/getSingersJson.php?test=144,138" it also returns 27 rows. It is supposed to return 41 rows.

I checked the SQL query directly on the database and it works fine (returns 41 rows).

I also tried escaping "," like below:

$artist_list = str_replace(",", "\,", $_GET['test']);

But it also returns 27 rows.

Please advise me if there are any solutions, or if I can check the exact query in the prepared statement object.
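An added example, not part of the original post: a single `?` stands for exactly one value, so "144,138" is bound as one string, and when MySQL compares it with a numeric column it converts the string to the number 144, which is why both requests match the same rows. The sketch below keeps the statement parameterized by generating one placeholder per validated id; the function names `parseIdList` and `fetchByIds`, the `$db` handle, the 100-id limit and an integer `idx` column are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Turn a raw list such as "144,138" into validated integers.
 * Anything that is not a plain decimal number is rejected outright,
 * so no request text ever reaches the SQL string.
 */
function parseIdList(string $raw, int $maxIds = 100): array
{
    $ids = [];
    foreach (explode(',', $raw) as $part) {
        $part = trim($part);
        // ctype_digit('') is false, so empty items ("144,,138") fail too;
        // the length check keeps (int) from overflowing
        if (!ctype_digit($part) || strlen($part) > 9) {
            throw new InvalidArgumentException('invalid id in list');
        }
        $ids[] = (int) $part;
    }
    $ids = array_values(array_unique($ids));
    if (count($ids) > $maxIds) {
        throw new InvalidArgumentException('too many ids');
    }
    return $ids;
}

/** Run the IN (...) query with one bound integer per id. */
function fetchByIds(mysqli $db, array $ids): array
{
    if ($ids === []) {
        return [];                      // "IN ()" is a syntax error in MySQL
    }
    // Only "?" characters are interpolated; their count comes from count($ids)
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $db->prepare("SELECT * FROM mv_data WHERE idx IN ($placeholders)");
    $stmt->bind_param(str_repeat('i', count($ids)), ...$ids);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Usage, with $db an open mysqli connection (assumed):
// $rows = fetchByIds($db, parseIdList($_GET['test'] ?? ''));
// echo json_encode($rows);
```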

0 Answers