mysqli 错误 - bind_param: 变量数不匹配
mysqli error - bind_param: number of variables doesn't match
我收到以下错误,但我一遍又一遍地计算,一切似乎都很好。有人对此有任何想法吗?
错误:
Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of
variables doesn't match number of parameters in prepared statement in
/home/ambnews/public_html/invoice/response.php on line
204
代码:
// invoice customer information
// billing
$customer_name = $mysqli->real_escape_string($_POST['customer_name']); // customer name
$customer_email = $mysqli->real_escape_string($_POST['customer_email']); // customer email
$customer_address_1 = $mysqli->real_escape_string($_POST['customer_address_1']); // customer address
$customer_address_2 = $mysqli->real_escape_string($_POST['customer_address_2']); // customer address
$customer_town = $mysqli->real_escape_string($_POST['customer_town']); // customer town
$customer_county = $mysqli->real_escape_string($_POST['customer_county']); // customer county
$customer_postcode = $mysqli->real_escape_string($_POST['customer_postcode']); // customer postcode
$customer_phone = $mysqli->real_escape_string($_POST['customer_phone']); // customer phone number
//shipping
$customer_name_ship = $mysqli->real_escape_string($_POST['customer_name_ship']); // customer name (shipping)
$customer_address_1_ship = $mysqli->real_escape_string($_POST['customer_address_1_ship']); // customer address (shipping)
$customer_address_2_ship = $mysqli->real_escape_string($_POST['customer_address_2_ship']); // customer address (shipping)
$customer_town_ship = $mysqli->real_escape_string($_POST['customer_town_ship']); // customer town (shipping)
$customer_county_ship = $mysqli->real_escape_string($_POST['customer_county_ship']); // customer county (shipping)
$customer_postcode_ship = $mysqli->real_escape_string($_POST['customer_postcode_ship']); // customer postcode (shipping)
$query = "INSERT INTO store_customers (
name,
email,
address_1,
address_2,
town,
county,
postcode,
phone,
name_ship,
address_1_ship,
address_2_ship,
town_ship,
county_ship,
postcode_ship
) VALUES (
'".$customer_name."',
'".$customer_email."',
'".$customer_address_1."',
'".$customer_address_2."',
'".$customer_town."',
'".$customer_county."',
'".$customer_postcode."',
'".$customer_phone."',
'".$customer_name_ship."',
'".$customer_address_1_ship."',
'".$customer_address_2_ship."',
'".$customer_town_ship."',
'".$customer_county_ship."',
'".$customer_postcode_ship."'
);
";
/* Prepare statement */
$stmt = $mysqli->prepare($query);
if($stmt === false) {
trigger_error('Wrong SQL: ' . $query . ' Error: ' . $mysqli->error, E_USER_ERROR);
}
print_r($stmt->bind_param(
'sssssssissssss',
$customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
$customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship));
/* Bind parameters. TYpes: s = string, i = integer, d = double, b = blob */
$stmt->bind_param(
'sssssssissssss',
$customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
$customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship);
/* Execute statement */
$stmt->execute();
if($stmt->execute()){
//if saving success
echo json_encode(array(
'status' => 'Success',
'message' => 'Customer has been created successfully!'
));
} else {
// if unable to create invoice
echo json_encode(array(
'status' => 'Error',
'message' => 'There has been an error, please try again.'
// debug
//'message' => 'There has been an error, please try again.<pre>'.$mysqli->error.'</pre><pre>'.$query.'</pre>'
));
}
//close database connection
$mysqli->close();
你需要看看 manual:
- 当您使用准备好的语句时,您不应转义您的值,因为您将在数据中添加文字反斜杠。
- 您不应在查询中注入变量,而应使用占位符(mysqli 中的问号)。这些都与您的价值观有关。
因此您的查询将是:
$query = "INSERT INTO store_customers (
name,
email,
// etc.
) VALUES (
?,
?,
// etc.
);
";
然后您绑定您的价值观:
$stmt->bind_value(
'sssssssissssss',
$_POST['customer_name'],
$_POST['customer_email'],
// etc.
);
注意我用的是bind_value()
而不是bind_param()
因为这个好像只用了一次所以不需要绑定参数,直接绑定值即可。不过应该没什么区别。
我收到以下错误,但我一遍又一遍地计算,一切似乎都很好。有人对此有任何想法吗?
错误:
Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters in prepared statement in /home/ambnews/public_html/invoice/response.php on line 204
代码:
// invoice customer information
// billing
$customer_name = $mysqli->real_escape_string($_POST['customer_name']); // customer name
$customer_email = $mysqli->real_escape_string($_POST['customer_email']); // customer email
$customer_address_1 = $mysqli->real_escape_string($_POST['customer_address_1']); // customer address
$customer_address_2 = $mysqli->real_escape_string($_POST['customer_address_2']); // customer address
$customer_town = $mysqli->real_escape_string($_POST['customer_town']); // customer town
$customer_county = $mysqli->real_escape_string($_POST['customer_county']); // customer county
$customer_postcode = $mysqli->real_escape_string($_POST['customer_postcode']); // customer postcode
$customer_phone = $mysqli->real_escape_string($_POST['customer_phone']); // customer phone number
//shipping
$customer_name_ship = $mysqli->real_escape_string($_POST['customer_name_ship']); // customer name (shipping)
$customer_address_1_ship = $mysqli->real_escape_string($_POST['customer_address_1_ship']); // customer address (shipping)
$customer_address_2_ship = $mysqli->real_escape_string($_POST['customer_address_2_ship']); // customer address (shipping)
$customer_town_ship = $mysqli->real_escape_string($_POST['customer_town_ship']); // customer town (shipping)
$customer_county_ship = $mysqli->real_escape_string($_POST['customer_county_ship']); // customer county (shipping)
$customer_postcode_ship = $mysqli->real_escape_string($_POST['customer_postcode_ship']); // customer postcode (shipping)
$query = "INSERT INTO store_customers (
name,
email,
address_1,
address_2,
town,
county,
postcode,
phone,
name_ship,
address_1_ship,
address_2_ship,
town_ship,
county_ship,
postcode_ship
) VALUES (
'".$customer_name."',
'".$customer_email."',
'".$customer_address_1."',
'".$customer_address_2."',
'".$customer_town."',
'".$customer_county."',
'".$customer_postcode."',
'".$customer_phone."',
'".$customer_name_ship."',
'".$customer_address_1_ship."',
'".$customer_address_2_ship."',
'".$customer_town_ship."',
'".$customer_county_ship."',
'".$customer_postcode_ship."'
);
";
/* Prepare statement */
$stmt = $mysqli->prepare($query);
if($stmt === false) {
trigger_error('Wrong SQL: ' . $query . ' Error: ' . $mysqli->error, E_USER_ERROR);
}
print_r($stmt->bind_param(
'sssssssissssss',
$customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
$customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship));
/* Bind parameters. TYpes: s = string, i = integer, d = double, b = blob */
$stmt->bind_param(
'sssssssissssss',
$customer_name,$customer_email,$customer_address_1,$customer_address_2,$customer_town,$customer_county,$customer_postcode,
$customer_phone,$customer_name_ship,$customer_address_1_ship,$customer_address_2_ship,$customer_town_ship,$customer_county_ship,$customer_postcode_ship);
/* Execute statement */
$stmt->execute();
if($stmt->execute()){
//if saving success
echo json_encode(array(
'status' => 'Success',
'message' => 'Customer has been created successfully!'
));
} else {
// if unable to create invoice
echo json_encode(array(
'status' => 'Error',
'message' => 'There has been an error, please try again.'
// debug
//'message' => 'There has been an error, please try again.<pre>'.$mysqli->error.'</pre><pre>'.$query.'</pre>'
));
}
//close database connection
$mysqli->close();
你需要看看 manual:
- 当您使用准备好的语句时,您不应转义您的值,因为您将在数据中添加文字反斜杠。
- 您不应在查询中注入变量,而应使用占位符(mysqli 中的问号)。这些都与您的价值观有关。
因此您的查询将是:
$query = "INSERT INTO store_customers (
name,
email,
// etc.
) VALUES (
?,
?,
// etc.
);
";
然后您绑定您的价值观:
$stmt->bind_value(
'sssssssissssss',
$_POST['customer_name'],
$_POST['customer_email'],
// etc.
);
注意我用的是bind_value()
而不是bind_param()
因为这个好像只用了一次所以不需要绑定参数,直接绑定值即可。不过应该没什么区别。