MySQLi_Stmt::Bind_Param(): Number of Elements in Type Definition String Doesn't Match Number of Bind Variables

mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables

The characters in the string should not be separated by commas:

$stmt->bind_param("sss...", /* variables */);

You can see this format demonstrated in the examples on the manual page.

Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables 11

You have to put three "s" in the bind_param method, because there are three variables to bind

$result = $db->prepare("INSERT INTO links VALUES (NULL, ?, ?, ?)");

$result->bind_param('sss', $url, $title, $ltime);

I's also better to pass a null NULL value for the autoincremented field instead of an empty string

Hot to fix Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables ?

The Issues

The First Issue:

There are two lines in your code that have issues, the first is with the query:

$sql = "INSERT into Requests SET email ='$email' , firstname ='$firstname' , lastname = '$lastname' , msg = '$msg'";

You should write your query separate from the data, instead of entering the variables you want the field to store, use a question mark instead. You will pass the variables into the query later using bind_param.

The Second Issue:

The second issue you have is with your bind_param, the first argument is wrong, by writing 's' you are telling the function to expect one string variable.

$statement->bind_param("s", $email ,$firstname ,$lastname ,$msg);

The Third Issue:

You do not currently execute the query correctly, you are overwriting the statement with a call to a function instead of running the function from the object:

$statement = execute()

Please see in my solution below how to get this to work.

The Solutions:

To fix the first issue you will need to replace the variables in your query with question marks like this:

$sql = "INSERT into Requests SET email = ?, firstname = ?, lastname = ?, msg = ?";

You'll then want to update the following line to replace the question marks in the query above with the actual data, these are entered in the order they appear in the query.

$statement->bind_param("ssss", $email, $firstname, $lastname, $msg);

As you can see, I've changed your 's' to 'ssss' this means that we are expecting four strings, instead of one.

If you were expecting a string, an integer and then two more strings you would instead write 'siss'.

To fix the third issue you will need to actually execute the script correctly by writing:

$statement->execute();

XML attribute vs XML element

I use this rule of thumb:

An Attribute is something that is self-contained, i.e., a color, an ID, a name.
An Element is something that does or could have attributes of its own or contain other elements.

So yours is close. I would have done something like:

EDIT: Updated the original example based on feedback below.

  <ITEM serialNumber="something">
      <BARCODE encoding="Code39">something</BARCODE>
      <LOCATION>XYX</LOCATION>
      <TYPE modelNumber="something">
         <VENDOR>YYZ</VENDOR>
      </TYPE>
   </ITEM>

SQL error :mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables

In your case problem, is that you use ->bind_param function incorrectly.

// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email); // sss means string string string

// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john@example.com";
$stmt->execute();

The argument may be one of four types:

i - integer
d - double
s - string
b - BLOB

I believe the right code should be like following:

$conn = new mysqli($DB, $username, $password, $dbname); 

// You can avoid this structure, by doing concatenation!!!**
if($condition == 'con1'){
    $sql = "UPDATE users SET con1=? WHERE name=?";  
}elseif($condition == 'con2'){
    $sql = "UPDATE users SET con2=? WHERE name=?";  
}elseif($condition == 'con3'){
    $sql = "UPDATE users SET con3=? WHERE name=?";  
}

if($query = $conn->prepare($sql)) { 
    $query->bind_param("ss", $con, $name);
    $con = 'yourNeededValue';
    $name = 'someName?';
    $query->execute();

} else {
    $error = $conn->errno . ' ' . $conn->error;
    echo $error; 
}

Error: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables

bind_param('ssss', $username, $email, $password); 
            ^^^^        ^        ^        ^
            ||||        |        |        |
        4 parameters    1        2        3          4?

4 !== 3

How do I fix Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables

There are 4 ? in your query, if id column is AUTO_INCREMENT, you can remove it from query like this:

    public function createUserAccount($username,$password,$department){
        if($this->userExists($username)){
            return "USER_ALREADY_EXISTS";
        }
        else{
            $pass_hash = password_hash($password,PASSWORD_BCRYPT,["cost"=>8]);
            $pre_stmt = $this->con->prepare("INSERT INTO `user`(`username`, `password`, `department`) VALUES (?,?,?)");
            $pre_stmt->bind_param("sss", $username, $pass_hash, $department);
            $result = $pre_stmt->execute() or die($this->con->error);
            if($result){
                return $this->con->insert_id;
            }
            else{
                return "some error";
            }
        }

why am i getting this error, Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables

Looks like the code is passing a string scalar to bind_param. I think we want to pass the elements of the array.

We can do something like this:

$stmt->bind_param(''.$binders.'', $values);

As Bill Karwin correctly points out, passing the entire array (as in the line above) won't work, it has the same problem as the original passing a single reference. The ... syntax should cause that array to be unpacked, each individual element passed by reference, a variable number of elements.)

Something like this:

$stmt->bind_param(''.$binders.'', ...$values);

and for passing values through bind parameters, we don't need to enclose the values in single quotes. These lines are not needed:

 array_walk($values, function(&$x) {$x = "'$x'";});
 $val = implode(',  ', $values);

mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables warning

you appear to be mixing PDO syntax with MySQLi syntax.

Please read up on http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers

I do not use PDO myself much, but I do use MySQLi, so your references as :something are PDO declarations, but the SQL functions you use are MySQLi.

With a MySQLi bind_param function you need to add all the data into an array-like row (it may actually be an array), but preceeded by a declaration of types, as in String, integer, Double and Blob.

I have rewritten your code in the MySQLi form:

$mysqli = new mysqli('localhost', 'root', '', 'Muproj');    
$query="INSERT INTO tblmember VALUES (?, ? , ? , ? , ? ,? )";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("issssi", $newid, $C_uname, $C_passwrd, $C_name, $C_surname, $zero)
$stmt->execute();
//$result=mysqli_query($stmt);

You need to do some serious research as to the differences of approach and formatting and functionality between MySQLi and PDO. Also be careful to maintain ALL your MySQL as MySQLi , as for example your $result was using the deprectated MySQL query statement.

PS: I would also suggest for clarity and forward compatibility that your INSERT statement in the SQL reads as:

 INSERT INTO table_name (column_names1, column_name2, column_names3, ...) VALUES (?,?,?, ...)

So you and the SQL can clearly see which values are plugged into which columns.