Cannot Figure out Procedural MySQL Prepared Statement error using PHP
Question
I am new to PHP and MySQL. My server has version 5.6 of MySQL. I am using procedural statements (not PDO, not OO). This is a PHP page on the site I am developing for users to create a new account. What's weird is that the error message is returned on the actual page itself ( https://mywebsite.com/create_account.php ) instead of in the error log on the server.
* HERE IS THE ERROR MESSAGE I RECEIVE: *
Error: INSERT INTO users (username, password, name_first, name_last, address_1, address_2, city, state, zip_code, email_address, phone_number, name_on_card, card_number_main, card_number_ccv, card_expire_mo, card_expire_yr) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
* HERE IS MY CODE THAT GENERATES THE ERROR MESSAGE: *
//
// Insert data into database
//
$sql = "INSERT INTO users (username, password, name_first, name_last, address_1, address_2, city, state, zip_code, email_address, phone_number, name_on_card, card_number_main, card_number_ccv, card_expire_mo, card_expire_yr) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "ssssssssssssssss", $param_username, $param_password, $param_name_first, $param_name_last, $param_address_1, $param_address_2, $param_city, $param_state, $param_zip_code, $param_email_address, $param_phone_number, $param_name_on_card, $param_card_number_main, $param_card_number_ccv, $param_card_expire_mo, $param_card_expire_yr);
$param_username = $username;
$param_password = $password;
$param_name_first = $name_first;
$param_name_last = $name_last;
$param_address_1 = $address_1;
$param_address_2 = $address_2;
$param_city = $city;
$param_state = $state;
$param_zip_code = $zip_code;
$param_email_address = $email_address;
$param_phone_number = $phone_number;
$param_name_on_card = $name_on_card;
$param_card_number_main = $card_number_main;
$param_card_number_ccv = $card_number_ccv;
$param_card_expire_mo = $card_expire_mo;
$param_card_expire_yr = $card_expire_yr;
mysqli_stmt_execute($stmt);
I have read the manual as the error message suggests but to no avail. Any help would be most appreciated. Thank you.
1 answers
solution1
-2 2018-07-11 20:59:48
Move after variable declaration bind stmt?
<?php
$sql = "INSERT INTO users (username, password, name_first, name_last, address_1, address_2, city, state, zip_code, email_address, phone_number, name_on_card, card_number_main, card_number_ccv, card_expire_mo, card_expire_yr) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($link, $sql);
$param_username = $username;
$param_password = $password;
$param_name_first = $name_first;
$param_name_last = $name_last;
$param_address_1 = $address_1;
$param_address_2 = $address_2;
$param_city = $city;
$param_state = $state;
$param_zip_code = $zip_code;
$param_email_address = $email_address;
$param_phone_number = $phone_number;
$param_name_on_card = $name_on_card;
$param_card_number_main = $card_number_main;
$param_card_number_ccv = $card_number_ccv;
$param_card_expire_mo = $card_expire_mo;
$param_card_expire_yr = $card_expire_yr;
mysqli_stmt_bind_param($stmt, "ssssssssssssssss", $param_username, $param_password, $param_name_first, $param_name_last, $param_address_1, $param_address_2, $param_city, $param_state, $param_zip_code, $param_email_address, $param_phone_number, $param_name_on_card, $param_card_number_main, $param_card_number_ccv, $param_card_expire_mo, $param_card_expire_yr);
mysqli_stmt_execute($stmt);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.