（PHP）警告：mysqli_stmt :: bind_param（）：变量数与准备好的语句中的参数数不匹配

Question

I have the following query.

    $mysqldb = mysqlidb_class();
    $query = "select * from post where idx < ?"

Then I bind the parameter and execute.

    $bindvariable = array();
    array_push($bindvariable, $post_photoidx);
    array_push($bindvariable, $post_idx);
    $res = $mysqldb->rawQuery($query, $bindvariable);

Then I get the following error.

    Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement

But when I change the query like below, the error disappears.

    $query = "select * from post where idx = ?"

What am I doing wrong here?

Here is the class I use for the mysql query

    <?php

    class MysqliDb
    {
        ......

        public function rawQuery ($query, $bindParams = null, $sanitize = true)
        {
            $this->_query = $query;
            if ($sanitize)
                $this->_query = filter_var ($query, FILTER_SANITIZE_STRING,
                                        FILTER_FLAG_NO_ENCODE_QUOTES);
            $stmt = $this->_prepareQuery();
            if (is_array($bindParams) === true) {
                $params = array(''); // Create the empty 0 index
                foreach ($bindParams as $prop => $val) {
                    $params[0] .= $this->_determineType($val);
                    array_push($params, $bindParams[$prop]);
                }
                call_user_func_array(array($stmt, 'bind_param'), $this->refValues($params));
            }
            $stmt->execute();
            $this->_stmtError = $stmt->error;
            $this->reset();
            return $this->_dynamicBindResults($stmt);
        }

        ......

        protected function _buildQuery($numRows = null, $tableData = null)
        {
            $this->_buildJoin();
            $this->_buildTableData ($tableData);
            $this->_buildWhere();
            $this->_buildGroupBy();
            $this->_buildOrderBy();
            $this->_buildLimit ($numRows);
            $this->_lastQuery = $this->replacePlaceHolders ($this->_query, $this->_bindParams);
            if ($this->isSubQuery)
                return;
            // Prepare query
            $stmt = $this->_prepareQuery();
            // Bind parameters to statement if any
            if (count ($this->_bindParams) > 1)
                call_user_func_array(array($stmt, 'bind_param'), $this->refValues($this->_bindParams));
            return $stmt;
        }

        protected function _prepareQuery()
        {
            if (!$stmt = $this->_mysqli->prepare($this->_query)) {
                trigger_error("Problem preparing query ($this->_query) " . $this->_mysqli->error, E_USER_ERROR);
            }
            return $stmt;
        }

        protected function refValues($arr)
        {
            //Reference is required for PHP 5.3+
            if (strnatcmp(phpversion(), '5.3') >= 0) {
                $refs = array();
                foreach ($arr as $key => $value) {
                    $refs[$key] = & $arr[$key];
                }
                return $refs;
            }
            return $arr;
        }

    ......

    } // END class

Answer 1

You mightn't use array(2). Instead, use

$sql = "select * from post where idx < :i";
$stmt->bindparam("i", 2);
$stmt->execute();

or use

$array = array($something,$else,$whatever); 
$sql = "select * from post where idx < ?";
$stmt->bindparam("i", $array[2]);
$stmt->execute();

Answer 2

It looks like you are not preparing your query before biding parameters to it.

$sql = "SELECT * FROM post WHERE idx < ?"; 

if($stmt = $stmt->prepare($sql)) {
    $stmt->bind_param('i', 2);
    $stmt->execute();
}   

Answer 3

Santize filters ruined my SQL query.

I have changed the source to the following to resolve the problem.

    $mysqldb->rawQuery($query, $bindvariable, false);