PHP MySQL throwing error around anonymous variables in prepared statement

Question

When I run my prepared statement, I get the following error:

Error: INSERT INTO articles ( url , headline , pubDate , source , image_loc ) VALUES (?, ?, ?, ?, ?) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?)' at line 6

Here's the code that seems to be throwing the error:

            $sql = "INSERT INTO $tableName (`url`, 
                            `headline`, 
                            `pubDate`, 
                            `source`, 
                            `image_loc`) 
                VALUES(?, ?, ?, ?, ?)";

        // MySQLi connection, binds variables to prevent injection, executes
        $stmt = $connection->prepare($sql);
        $stmt->bind_param('sssss', $url, $headline, $pubDate, $source, $image_loc);
        $stmt->execute();

Edit: Here's what I'm setting up as my connection in a separate file. It works in the sense that everything is being saved ... I'm just still throwing an error.

$servername = "localhost";
$username = "xxxxxx";
$password = "xxxxxx";
$dbname = "news";
$tableName = "articles";

$connection = mysqli_connect($servername, $username, $password, $dbname);

if (!$connection) {
  die("Connection failed: " . mysqli_connect_error());
}

Edit again: This is the code that was put in to check on the success of the insert, though I'm guessing this may be the root of the problem (but I'm not experienced enough to understand why):

if (mysqli_query($connection, $sql)) {
            echo "New record created successfully";
        } else {
            echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
        }

Answer 1

Your code:

if (mysqli_query($connection, $sql)) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}

...uses mysqli_query() . That is actually another way of executing a query, only unlike execute() it doesn't use bound parameters. It just sends the query to the database, question marks and all, thus creating your error.

If you want to check for an error, you should check the result of your execute() statement when you run it, not perform a further query. Replace your $stmt->execute() line with something like this, to execute the query and also test for success:

if ($stmt->execute()) {
    // Success
} else {
    // Failure
}

Answer 2

Instead of

if (mysqli_query($connection, $sql)) {
        echo "New record created successfully";
} else {
        echo "Error: " . $sql . "<br>" . mysqli_error($connection) . "<br>";
}

You should use the mysqli::$affected_rows property, like this;

if ($connection->affected_rows > 0) {
        echo "New record created successfully";
} else {
        echo "Error: " . $sql . "<br>" . $connection->error() . "<br>";
}