bind_param Number of variables doesn't match number of parameters in prepared statement
Your prepared statement is wrong, it should be:
$stmt = $mysqli->prepare("
SELECT DISTINCT model FROM vehicle_types WHERE year = ? AND make = ? ORDER by model
");
$stmt->bind_param('is', $year, $make);
$stmt->execute();
When you prepare a statement, you have to substitute every variable with a question mark without quotes. A question mark within quotes will not be recognized as a placeholder.
The number of question marks must be equal to the number of variables in the bind_param()
mysqli bind_param Number of variables doesn't match number of parameters in prepared statement
When using LIKE
in a prepared statement, it's a little bit different. You should add the %
to the parameter before binding it to the statement.
Try something like below:
$param = "%{$_GET['search']}%";
$stmt = $sql->prepare("SELECT name, site, message, `when` FROM messages WHERE message LIKE ?");
$stmt->bind_param('s', $param);
$stmt->execute();
$result = $stmt->get_result();
mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
Modification is:
$stmt->bind_param ( "ss", $user, $pass);
because 1 data type is not defind in bind_param (). bind_param() will take two arguments 1st one is types (i, d, s, b) corresponding datatype in your query(?) and 2nd arg are values.
Suggestion's are:
Don't compare with ==, for empty string because if user enter's 3 white spaces it will not equal. use empty() for checking empty string or not.
Don't call unnecessary methods, it does not have any meaning, for eg: in your code your calling
trim()
aftermd5()
.md5()
will not return any white space character. So callingtrim(md5($username))
is meaning less.
Try to replace your code with my code hope your problem is solved.
public function login($_username, $_password) {
$this->sessionOpen ();
if (empty($_username)) {
$this->log->error ( "Username vuoto" );
throw new AuthLoginFailed ();
}
if (empty($_password)) {
$this->log->error ( "Password vuota" );
throw new AuthLoginFailed ();
}
$db = new mysqli ( $this->sql ['server'], $this->sql ['username'], $this->sql ['password'], $this->sql ['database'] );
if (mysqli_connect_errno ()) {
$this->log->error ( "Errore di connessione a mysql: " . mysqli_error ( $db ) );
throw new MysqliConnectionError ( "Mysqli error: " . mysqli_error ( $db ) );
}
$stmt = $db->prepare ( "SELECT id,org_id,org_group_id,people_id FROM users WHERE 'username' = ? AND 'password' = ?" );
if (! $stmt) {
$this->log->error ( "Mysqli prepare error: " . mysqli_error ( $db ) );
throw new MysqliPrepareException ( "Mysqli error: " . mysqli_error ( $db ) );
}
echo md5 ( $_username ) . "---" . md5 ( $_password );
//on page username and password is showed at this point
$user=md5 ( $_username );
$pass=md5 ( $_password );
$stmt->bind_param ( "ss", $user,$pass);
/* Execute it */
$stmt->execute ();
if (! $stmt) {
$this->log->error ( "Mysqli prepare error: " . mysqli_error ( $db ) );
throw new MysqliExecuteException ( "Mysqli error: " . mysqli_error ( $db ) );
}
$stmt->fetch($rst);
echo "results: " . $rst->num_rows; //output of this: results:
if ($rst->num_rows == 0) {
throw new AuthLoginFailed ();
}
/* Close statement */
$stmt->close ();
/* Close connection */
$db->close ();
}
Let me know once your problem is solved.
mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement on line 64
That's not how bind_param
works in mysqli. Maybe you were thinking of PDO? In mysqli you have to bind them all at once with one statement.
$stmtPruefung->bind_param("sss",$username, $key, $hwid);
Line 64 will be $stmtPruefung->bind_param("s",$username);
, and you're getting that "Number of variables doesn't match" error because it's expecting all three and you're giving it one.
Unsure why I am getting: Number of variables doesn't match number of parameters in prepared statement
You are binding one variable, but you have zero parameters in your prepared statement. Interpolating a PHP variable into a string is not a parameter.
WRONG: Zero parameters, just string interpolation:
$stmt = $con->prepare('SELECT username, rank, id, steamid, avatar FROM users
WHERE id="$uid"');
RIGHT: One parameter:
$stmt = $con->prepare('SELECT username, rank, id, steamid, avatar FROM users
WHERE id=?');
MySQLi Prepared Statement Number of variables doesn't match number of parameters
Without going into much details, please do not mix 'direct values' with value holders (?) in your query. Instead, bind them all at once. Try the following:
$query = $connection->prepare("INSERT INTO events (date, time, showTime, venue, description) VALUES (?, ?, ?, ?, ?)");
$query->bind_param('sssss', $date, $time, $showtime, $venue, $description);
Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
Replace '$ID'
in the query with ?
. The question mark is used to mark variables that need to be bound.
Prepared Statement: Number of variables doesn't match number of parameters in prepared statement
You try to bind 2 parameters to a query that does not have any parameters:
$stmt = $db_conx->prepare("SELECT id, product_name FROM yt ORDER by id");
$stmt->bind_param("is", $id, $product_name);
You can only bind parameters if you define placeholders for them like this:
$stmt = $db_conx->prepare("SELECT id, product_name FROM where id = ? or product_name = ?");
$stmt->bind_param("is", $id, $product_name);
The ?
denotes placeholders you can bind parameters to.
Related Topics
How to Solve Time Out in PHPmyadmin
Using the PHP Http_Accept_Language Server Variable
Best Practice: Import MySQL File in PHP; Split Queries
Why Does 1234 == '1234 Test' Evaluate to True
Guzzle: Handle 400 Bad Request
Switching Between Http and Https Pages with Secure Session-Cookie
PHP Function Use Variable from Outside
Save PHP Variables to a Text File
In PHP, How to Detect the Execution Is from Cli Mode or Through Browser
Download CSV File Using "Ajax"
PHP - Import CSV File to MySQL Database Using Load Data Infile
How to Check That an Object Is Empty in PHP
PHP Gd Use One Image to Mask Another Image, Including Transparency
How to Access the Form's 'Name' Variable from PHP
What Is Better in a Foreach Loop... Using the & Symbol or Reassigning Based on Key