Asked  1 Year ago    Answers:  5   Viewed   11 times

I'm getting this error : Number of variables doesn't match number of parameters in prepared statement every time I run this code:

$dbh = new mysqli("localhost", "***", "***", "pics");
    $stmt = $dbh->prepare("INSERT INTO comments (username, picture, comment) VALUES (?, ?, ?)");
   $stmt->bind_Param('s', $username);
   $stmt->bind_Param('d', $picture);
   $stmt->bind_Param('s', $comment);

   $username=$_SESSION['username'];
   $picture=$_GET['id'];
   $comment=$_POST['comment'];
   $stmt->execute();

What's the problem?

 Answers

3

Try putting all the parameters into one bindParam call:

$stmt->bind_Param('sds', $username, $picture, $comment);
Saturday, May 29, 2021
 
Slinky
 
4

That is a good use of close, especially since you are planning on making another query. With both PDO statements and MySQLi statements, I find that erring on the side of cleanliness is almost always for the best -- it removes potential bugs down the line.

As to the gentlemen with 250 operations... I don't see what the real use case is. Why does he need to query the database 250 different times? Why can't he query the database once with 250 records? Or, more likely, why can't he query the database 25 times with 10 records?

Thursday, April 1, 2021
2

Simple mistake... Ugh. I hate that. Not my credit.

$bind = 'siiiiissssiss'; // No commas
Saturday, May 29, 2021
 
3

Is this thinking correct? fetch() for one, fetch_all() for many?

That's actually two different methods of two different objects.

  • fetch() belongs to mysqli statement object and uses ugly method of assigning query result to global variables. Can be run in a loop. Loop is a thing where you can do fetch one single row... many times. So, nothing contradicting in using fetch() to get many records
  • fetch_all() belongs to mysqli result object and being just a syntax sugar, running fetch_assoc() for you in a loop.
Saturday, May 29, 2021
 
4

The characters in the string should not be separated by commas:

$stmt->bind_param("sss...", /* variables */);

You can see this format demonstrated in the examples on the manual page.

Wednesday, June 2, 2021
 
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :