[英]mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters
My php form inserts a few columns and an encrypted password into my table.我的 php 表单在我的表中插入了几列和一个加密的密码。 However when I run it it says the variable number doesn't match the number of parameters.
但是,当我运行它时,它说变量数与参数数不匹配。 This is my code:
这是我的代码:
<?php
if (isset($_POST['insert'])) {
require_once 'login.php';
$OK = false;
$conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed");
$stmt = $conn->stmt_init();
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';
if ($stmt->prepare($sql)) {
// bind parameters and execute statement
$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
// execute and get number of affected rows
$stmt->execute();
if ($stmt->affected_rows > 0) {
$OK = true;
}
}
if ($OK) {
header('Location: confirm.php');
exit;
} else {
$error = $stmt->error;
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Add User</title>
</head>
<body>
<h1>Add User</h1>
<?php if (isset($error)) {
echo "<p>Error: $error</p>";
} ?>
<form id="form1" method="post" action="">
<p>
<label for="user_email">User email:</label>
<input name="user_email" type="text" class="widebox" id="user_email">
</p>
<p>
<label for="user_name">User name:</label>
<input name="user_name" type="text" class="widebox" id="user_name">
</p>
<p>
User role: <select name = "user_pref">
<option value = "BLU">Blue</option>
<option value = "YEL">Yellow<option>
<option value = "GRE">GREEN</option>
</select>
</p>
<p>
<input type="submit" name="insert" value="Register New User" id="insert">
</p>
</form>
</body>
</html>
When I test the form without the ENCRYPTED PASSWORD it works fine, so this line causes issue when i'm trying to insert the password:当我在没有 ENCRYPTED PASSWORD 的情况下测试表单时,它工作正常,因此当我尝试插入密码时,此行会导致问题:
$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
Am I supposed to change string to something else for password ?我应该将字符串更改为其他密码吗?
thanks谢谢
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';
Defines only 3 placeholders but you try to write to 4 ones.仅定义 3 个占位符,但您尝试写入 4 个。
$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
For every ?对于每个 ? you insert in the prepared SQL statement you have to pass a variable in bind_param.
你在准备好的 SQL 语句中插入你必须在 bind_param 中传递一个变量。
You're passing four variables here:你在这里传递四个变量:
$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
but only three of them are required但只需要其中三个
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';
See "?"看 ”?” marks, it will be replaced with bild_params.
标记,它将被 bild_params 替换。 You probably want to replace your SQL query to the next one:
您可能想将 SQL 查询替换为下一个查询:
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
VALUES(?, ?, ?, des_encrypt(substring(md5(?),1,8)))';
The number of parameter to be taken by your query is determined by the number of ?
您的查询要采用的参数数量由
?
in your query.在您的查询中。
You have 3 ?
你有 3
?
in your query :在您的查询中:
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';
and you are passing 5 parameter in bind_param
:并且您在
bind_param
中传递了 5 个参数:
$stmt->bind_param($_POST['user_email'], $_POST['user_name'], $_POST['user_pref']);
There are 2 solution possible :有两种可能的解决方案:
Take 5 parameters in the query :在查询中取 5 个参数:
$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password) VALUES(?, ?, ?, ?, des_encrypt(?))';
Pass only 3 param in the bind_param
function :在
bind_param
函数中只传递 3 个参数:
$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.