if (!$stmt->bind_param("isss", $id, $headline, $description, $place))
{
echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
You'll want to do that. As @Fred-ii said in the comments. You've got the syntax wrong.
How it works is that the first parameter of bind_param
is all your data types as one string, then you list your data afterwards. Ensure that you use the right data type and the right amount of parameters.
Update
Having inspected your code further, I realise you haven't use prepare
correctly. I'll include a demonstration below so you can use it as a guide.
$stmt = $mysqli->prepare("SELECT * FROM myTable WHERE id = ? AND name = ?");
if (!$stmt->bind_param("is", $id, $name))
{
echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute())
{
echo "Execution failed: (" . $stmt->errno . ") " . $stmt->error;
}
The question marks delineate each variable. This means that you put a ?
where you want a variable to go.
Then you use bind_param
to list your data types (as stated above) with your variables or data following.
Update 2
$errors = array(); // store errors here
$stmt = $mysqli->prepare("SELECT name FROM myTable WHERE id = ?"); // prepare our statement
// check that our parameters match, if not then add error
if (!$stmt->bind_param("i", $id))
{
array_push($errors, "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error);
}
// if no errors and statement fails to run
if (count($errors) <= 0 && !$stmt->execute())
{
array_push($errors, "Execution failed: (" . $stmt->errno . ") " . $stmt->error);
}
// no statement errors
if (count($errors) <= 0)
{
$stmt->bind_result($name); // store the results of the statement in this variable
// iterate through each row of the database
while ($stmt->fetch())
{
echo $name;
}
}
// report the errors
else
{
echo "<h3>Errors</h3>";
foreach ($errors as $error)
{
echo "<p>$error</p>";
}
}
-
$errors = array()
Here I create an array that will hold all of our error messages.
-
array_push($errors, "...")
The array_push
function will add a variable to the array in the syntax of array_push($array, $var)
where $array
is the array that will have items added, and $var
is the item you want to add.
I use this so that I can add errors in a neat way, that can be later iterated.
-
count($errors)
The count
function will count the number of elements in an array.
I use this to see if any errors have been added to the array. When I initialise $errors
there are no elements in it so it will return 0.
-
$stmt->bind_result($name)
This is written outside of the while loop
since it is used to tell the statement that we want to store all of the column name
inside this variable named $name
.
-
while ($stmt->fetch())
This will iterate through each row in the database. Each iteration of the while loop
will be one row of the database. In my example, I simply echoed the value for the name
column.
It is possible to store more than one column. Just add the column in the SQL query (SELECT col1, col2, col3 FROM mytable
) and then store each column in a variable in bind_result
($stmt->bind_result($col1, $col2, $col3);
. Note that they do not have to be the same name as the column; this is also valid $stmt->bind_result($myVar, $someVar, $anotherVar);
).
-
foreach ($errors as $error)
foreach
takes an array and iterates through it, storing each iteration in the variable following as
.
In this instance we have errors stored in an array named $errors
, and we store each one in $error
and write it in a paragraph tag.