mysqli_stmt :: bind_param()[mysqli-stmt.bind-param]:变量数与参数数不匹配 [英] mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters

问题描述

我的php表单在我的表中插入了几列和一个加密的密码.但是，当我运行它时，它说变量号与参数数不匹配.这是我的代码:

My php form inserts a few columns and an encrypted password into my table. However when I run it it says the variable number doesn't match the number of parameters. This is my code:

<?php
if (isset($_POST['insert'])) {
require_once 'login.php'; 

  $OK = false;
  $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed");
  $stmt = $conn->stmt_init();


  $sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
          VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';
  if ($stmt->prepare($sql)) {
    // bind parameters and execute statement
    $stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);
    // execute and get number of affected rows
    $stmt->execute();
    if ($stmt->affected_rows > 0) {
      $OK = true;
    }
  }
  if ($OK) {
    header('Location: confirm.php');
    exit;
  } else {
    $error = $stmt->error;
  }
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Add User</title>
</head>

<body>
<h1>Add User</h1>
<?php if (isset($error)) {
  echo "<p>Error: $error</p>";
} ?>
<form id="form1" method="post" action="">
  <p>
    <label for="user_email">User email:</label>
    <input name="user_email" type="text" class="widebox" id="user_email">
  </p>
    <p>
    <label for="user_name">User name:</label>
    <input name="user_name" type="text" class="widebox" id="user_name">
  </p>
    <p>
    User role: <select name = "user_pref">
    <option value = "BLU">Blue</option>
    <option value = "YEL">Yellow<option>
    <option value = "GRE">GREEN</option>
    </select>
</p>
  <p>
    <input type="submit" name="insert" value="Register New User" id="insert">
  </p>
</form>
</body>
</html>

当我测试没有加密密码的表单时，它可以正常工作，因此当我尝试插入密码时，此行会导致问题:

When I test the form without the ENCRYPTED PASSWORD it works fine, so this line causes issue when i'm trying to insert the password:

$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);

我应该将字符串更改为其他密码吗?

Am I supposed to change string to something else for password ?

谢谢

推荐答案

$sql = 'INSERT INTO users (user_email, user_name, user_pref, user_password)
      VALUES(?, ?, ?, des_encrypt(substring(md5(rand()),1,8)))';

仅定义3个占位符，但您尝试写入4个占位符.

Defines only 3 placeholders but you try to write to 4 ones.

$stmt->bind_param('ssss', $_POST['user_email'], $_POST['user_name'], $_POST['user_pref'], $_POST['user_password']);

每一个?您必须在准备好的SQL语句中插入，您必须在bind_param中传递一个变量.

For every ? you insert in the prepared SQL statement you have to pass a variable in bind_param.

这篇关于mysqli_stmt :: bind_param()[mysqli-stmt.bind-param]:变量数与参数数不匹配的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！