Here is the code. $fieldNamesA and $fieldValsA are created in a foreach loop from POST variables:
$fieldNamesS = implode(',',$fieldNamesA);
$fieldValsS = implode(',',$fieldValsA);
$mysqli = new mysqli('localhost', 'user', 'pw', 'db');
mysqli_report(MYSQLI_REPORT_ALL);
$stmt = $mysqli->prepare('INSERT INTO users (?) VALUES (?)');
if ($stmt === FALSE) {
die ("Mysql Error: " . $mysqli->error);
}
$stmt->bind_param('ss', $fieldNamesS,$fieldValsS);
$stmt->execute();
printf("%d Row inserted.
", $stmt->affected_rows);
/* close statement and connection */
$stmt->close();
Here are error msgs:
Fatal error: Uncaught exception 'mysqli_sql_exception' with message 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?) VALUES (?)' at line 1' in userreg.php:47
Stack trace:
#0 userreg.php(47): mysqli->prepare('INSERT INTO use...')
#1 {main}
thrown in /userreg.php on line 47
I don't understand why it is complaining that there is something wrong with my insert statement. If I hardcode the column/field names, I get an error that the number of columns does not match the number of values, which is not correct. I var_dumped the variables just to make sure and they have the same number of parameters.