0

I'm trying out using prepared statements for the first time and running into the following issue with the below code

Error :

Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given

Code :

$stmt = mysqli_prepare($db, "INSERT INTO fragrances(name, description, essentialoils, topnotes, middlenotes, basenotes, reference, year, type, price, fragrancehouse, triangle, extractname, extractreference, extractprice, extractfragrancehouse, disccolour, collarcolour, actuatorcolour)
    VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); 
mysqli_stmt_bind_param($stmt, 'sssssssssssssssssss', $name, $description, $essentialoils, $topnotes, $middlenotes, $basenotes, $reference, $year, $type, $price, $fragrancehouse, $triangle, $extractname, $extractreference, $extractprice, $extractfragrancehouse, $disccolour, $collarcolour, $actuatorcolour);

mysqli_stmt_execute($stmt);

I've looked at many different questions on here and none of their solutions seem to apply for my problem, does anyone know what the issue is?

4

4 回答 4

4

$stmt becomes a boolean only when mysqli_prepare returns false.

When this happens it means it failed to prepare the query therefore you need to check for errors:

$stmt = mysqli_stmt_init($db);
if (mysqli_stmt_prepare($stmt, 'INSERT INTO fragrances VALUES...')) {
    //it's all good bind and execute here
}else{
   //we have a problem
   printf("Errormessage: %s\n", mysqli_error($db));
}
于 2014-10-10T20:30:30.817 回答
2

The error message means your mysqli_prepare returned a boolean (and for your case, it returned false).

You need to replace all your field name by the character ? to make your prepared statement. This is how it works.

See example in the official documentation

EDIT See also mysqli_error , which will detail your error. In fact, you should always check a variable before using it:

$stmt = mysqli_prepare($db, "....");
if(!$stmt)
  echo mysqli_error($db); // display error only for debug. Avoid this in production
于 2014-10-10T20:06:01.900 回答
2

Your INSERT statement is invalid: VALUES clause must be with ? in parantheses (and after field names in parentheses). Also good practice is to check $stmt after assigning:

$stmt = mysqli_prepare($db, 
   "INSERT INTO fragrances (name, description, essentialoils, topnotes, middlenotes, basenotes, reference, year, type, price, fragrancehouse, triangle, extractname, extractreference, extractprice, extractfragrancehouse, disccolour, collarcolour, actuatorcolour)
    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 'sssssssssssssssssss', $name, $description, $essentialoils, $topnotes, $middlenotes, $basenotes, $reference, $year, $type, $price, $fragrancehouse, $triangle, $extractname, $extractreference, $extractprice, $extractfragrancehouse, $disccolour, $collarcolour, $actuatorcolour);

    mysqli_stmt_execute($stmt);
    // ...
} else
    printf("Error: %s\n", mysqli_error($db));
于 2014-10-10T20:22:16.870 回答
2

It means your SQL was invalid because the prepare is returning false;

Your SQL should be;

$stmt = mysqli_prepare($db, "INSERT INTO fragrances VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )");

Each ? is to show where each parameter needs to be bound respectively.

于 2014-10-10T20:34:26.957 回答