堆栈内存溢出
  简体   繁体   English

mysqli错误-bind_param:变量数不匹配

[英]mysqli error - bind_param: number of variables doesn't match

 原文  2015-05-23 09:28:42       php/ mysqli/ bindparam

问题描述

I am getting the following error but I have counted things over and over again and everything appears to be fine. 我收到以下错误,但是我已经一遍又一遍地数了数,一切似乎都很好。 Anyone have any ideas on it ? 任何人有任何想法吗?

Error: 错误:

Warning : mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters in prepared statement in /home/ambnews/public_html/invoice/response.php on line 204 警告 :mysqli_stmt :: bind_param()[mysqli-stmt.bind-param]:变量数与第204/home/ambnews/public_html/invoice/response.php中已准备好的语句中的参数数不匹配

Code: 码: 

// invoice customer information
    // billing
    $customer_name = $mysqli->real_escape_string($_POST['customer_name']); // customer name
    $customer_email = $mysqli->real_escape_string($_POST['customer_email']); // customer email
    $customer_address_1 = $mysqli->real_escape_string($_POST['customer_address_1']); // customer address
    $customer_address_2 = $mysqli->real_escape_string($_POST['customer_address_2']); // customer address
    $customer_town = $mysqli->real_escape_string($_POST['customer_town']); // customer town
    $customer_county = $mysqli->real_escape_string($_POST['customer_county']); // customer county
    $customer_postcode = $mysqli->real_escape_string($_POST['customer_postcode']); // customer postcode
    $customer_phone = $mysqli->real_escape_string($_POST['customer_phone']); // customer phone number

    //shipping
    $customer_name_ship = $mysqli->real_escape_string($_POST['customer_name_ship']); // customer name (shipping)
    $customer_address_1_ship = $mysqli->real_escape_string($_POST['customer_address_1_ship']); // customer address (shipping)
    $customer_address_2_ship = $mysqli->real_escape_string($_POST['customer_address_2_ship']); // customer address (shipping)
    $customer_town_ship = $mysqli->real_escape_string($_POST['customer_town_ship']); // customer town (shipping)
    $customer_county_ship = $mysqli->real_escape_string($_POST['customer_county_ship']); // customer county (shipping)
    $customer_postcode_ship = $mysqli->real_escape_string($_POST['customer_postcode_ship']); // customer postcode (shipping)

    $query = "INSERT INTO store_customers (
                    name,
                    email,
                    address_1,
                    address_2,
                    town,
                    county,
                    postcode,
                    phone,
                    name_ship,
                    address_1_ship,
                    address_2_ship,
                    town_ship,
                    county_ship,
                    postcode_ship
                ) VALUES (
                    '".$customer_name."',
                    '".$customer_email."',
                    '".$customer_address_1."',
                    '".$customer_address_2."',
                    '".$customer_town."',
                    '".$customer_county."',
                    '".$customer_postcode."',
                    '".$customer_phone."',
                    '".$customer_name_ship."',
                    '".$customer_address_1_ship."',
                    '".$customer_address_2_ship."',
                    '".$customer_town_ship."',
                    '".$customer_county_ship."',
                    '".$customer_postcode_ship."'
                );
            ";

    /* Prepare statement */
    $stmt = $mysqli->prepare($query);
    if($stmt === false) {
      trigger_error('Wrong SQL: ' . $query . ' Error: ' . $mysqli->error, E_USER_ERROR);
    }

    print_r($stmt->bind_param(
        'sssssssissssss',
        $customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
        $customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship));

    /* Bind parameters. TYpes: s = string, i = integer, d = double,  b = blob */
    $stmt->bind_param(
        'sssssssissssss',
        $customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
        $customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship);

    /* Execute statement */
    $stmt->execute();

    if($stmt->execute()){
        //if saving success
        echo json_encode(array(
            'status' => 'Success',
            'message' => 'Customer has been created successfully!'
        ));
    } else {
        // if unable to create invoice
        echo json_encode(array(
            'status' => 'Error',
            'message' => 'There has been an error, please try again.'
            // debug
            //'message' => 'There has been an error, please try again.<pre>'.$mysqli->error.'</pre><pre>'.$query.'</pre>'
        ));
    }

    //close database connection
    $mysqli->close();

1 个解决方案

解决方案1
 0 已采纳  2015-05-23 09:31:28

You need to take a look at the manual : 您需要看一下手册

  1. You should not escape your values when you use a prepared statement as you will be adding literal backslashes in your data. 使用准备好的语句时,您不应逃避您的值,因为您将在数据中添加文字反斜杠。
  2. You should not inject your variables in the query but use placeholders (question marks in mysqli) instead. 您不应在查询中注入变量,而应使用占位符(mysqli中的问号)。 These are bound to your values. 这些与您的价值观息息相关。

So your query would be: 因此,您的查询将是: 

$query = "INSERT INTO store_customers (
                name,
                email,
                // etc.
            ) VALUES (
                ?,
                ?,
                // etc.
            );
        ";

And you bind your values: 然后绑定您的价值观: 

$stmt->bind_value(
    'sssssssissssss',
    $_POST['customer_name'],
    $_POST['customer_email'],
    // etc.
);

Note that I am using bind_value() instead of bind_param() as this seems to be used once only so there is no need to bind parameters, you can bind the values directly. 请注意,我使用的是bind_value()而不是bind_param()因为这似乎只使用一次,所以不需要绑定参数,您可以直接绑定值。 It should not make a difference though. 不过,这应该没有什么不同。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 bind_param()的Mysqli错误:类型定义字符串中的元素数量与绑定变量的数量不匹配 - Mysqli error with bind_param(): Number of elements in type definition string doesn't match number of bind variables Mysqli:mysqli_stmt :: bind_param():变量数与准备好的语句中的参数数不匹配 - Mysqli:mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement 错误:mysqli_stmt::bind_param():类型定义字符串中的元素数与绑定变量数不匹配 - Error: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables SQL错误:mysqli_stmt :: bind_param():类型定义字符串中的元素数量与绑定变量的数量不匹配 - SQL error :mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables mysqli_stmt::bind_param() [mysqli-stmt.bind-param]:变量数量与参数数量不匹配 - mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters 警告:mysqli_stmt :: bind_param()变量数与准备好的语句中的参数数不匹配 - Warning: mysqli_stmt::bind_param() Number of variables doesn't match number of parameters in prepared statement mysqli bind_param 变量数与准备语句中的参数数不匹配 - mysqli bind_param Number of variables doesn't match number of parameters in prepared statement mysqli_stmt :: bind_param():变量数与准备好的语句中的参数数不匹配 - mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement mysqli_stmt :: bind_param():变量数量与php中准备好的语句中的参数数量不匹配 - mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement in php mysqli_stmt :: bind_param变量数与准备好的语句中的参数数不匹配 - mysqli_stmt::bind_param Number of variables doesn't match number of parameters in prepared statement
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM