dpd2349
2015-07-18 17:18
浏览 73
已采纳

致命错误:调用未定义的函数bind_param()

I want to retrieve student name from database using mysql LIKE, i have following form

  <form action="search.php" method="POST">
        <input type="text" name="search" id="search-input">
        <input type="submit" value="Submit" id="submit">
  </form>

And my search.php

<?php 
        require_once 'db.php';
        if (isset($_POST['search']) && !empty($_POST['search'])) {
            $search_param = trim($_POST['search']);

            $slct_search = $db->prepare("SELECT student_name FROM student_details WHERE student_name LIKE ?") or die($db->error);
            $slct_search = bind_param('s', $search_param);
            $slct_search->execute();        
            $res = $slct_search->get_result();  
            if($res->num_rows) {            
                while ($result = $res->fetch_object()) {
                    echo $result->student_name;
                }
            } else {
                echo 'OOPS we had a problem';
            }   
        }
    ?>

When I click the submit button i am receiving following error

Fatal error: Call to undefined function bind_param() in F:\xampp\htdocs\sel\search.php on line 7

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • duanlai1855 2015-07-18 17:44
    已采纳

    Have you tried:

    $slct_search->bind_param('s', $search_param);
    

    Also note that you might use trim() but it still leaves you open to SQL-injection. Try to do someting like:

    $db->real_escape_string( trim( $_POST['search'] ) );
    

    Read about some other escapeing here:

    已采纳该答案
    评论
    解决 无用
    打赏 举报
  • dongrongdao8902 2018-09-22 15:42

    Please use - > for the bind_param

    Use this $slct_search - >bind_param

    Instead of this $slct_search = bind_param

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题