Page 1 of 1

Prepare and Bind

Posted: Thu Dec 30, 2010 8:05 am
by michaelk46
Hey all,

I am having problems figuring out the prepare and bind statements.

It's a simple login in form with a space for a username and password. I have verified that the $sql, $value_str and $types variables contain what they should when it's passed to the class for processing...

PHP Code:

Code: Select all


$sql='SELECT id from users where username=? and password=?';    
$value_arr=array($_POST['username'], $_POST['password']); 
$value_str=implode(", ", $value_arr);
$types="ss";
if ($CMS->queryDB($sql, $value_str, $types))
    {
        print ('returned');
    } 

class:

PHP Code:

Code: Select all

$this->connection = new mysqli($this->server, $this->user, $this->password, $this->dbase);

public function queryDB($sql, $value_str, $types)
    {
        
        if(!$this->stmt = $this->connection->prepare($sql) ) 
            {
                throw new Exception('Query Error: ' . mysqli_error($this->connection));
            }
        else
            {
                $this->stmt->bind_param($types, $value_str);
                $this->stmt->execute();
                $this->stmt->close();
            }
        return true;
    } 

I get this error when I run it...

Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn't match number of bind variables in C:\xampp\htdocs\CMS\new\cms.php on line 66

Line 66 refers to the bind_param line.

Can anyone see what I have incorrect?

Re: Prepare and Bind

Posted: Thu Dec 30, 2010 8:17 am
by Darhazer
You have to pass 2 variables, and not string with the 2 values, to bind_param
call_user_func_array can help you refactor you queryDB() function