0

Im trying to use a prepared statement for a query. The code is as follows

<?php
$studentrollno=1;
$studentclass=10;
$studentsection='A';
$host="localhost";
$dbName="school_election_db"
    $conn=new mysqli_connect($host,dbName); 
    if(conn->connect_error())
    {
        echo "error occured";
    }
    else
    {
        $stmt="SELECT * FROM voting_details where studentrollno=? and 
    studentclass=? and studentsection=?";
    $conn->bind_param($studentrollno,$studentclass,$studentsection);
    $result=$conn->execute();
    if(result==true)
    {
    echo "login succesfull";
    }
    else
    {
    echo "Please try again";
    }
    ?>

The error is around the mysqli query but i'm not able to figure out the error.It work properly when i used normal statements with procedural PHP.But i read that the normal way to do it was using OOP and prepared statements. The error i'm getting is "mysqli_bind_param():: The number of elements in the statement does not match the number of bound parameters".

Improve this question
5
  • 1
    Add ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); to the top of your script. Commented May 4, 2018 at 14:55
  • 2
    Your code as listed here is riddled with syntax errors. You may want to show the exact code giving you your error. Commented May 4, 2018 at 14:56
  • 1
    I'm not sure how you're getting that error. You should be getting a parse error with that code. Commented May 4, 2018 at 14:56
  • Your code has many syntax error. Should we assume it is just wrong copy paste? Commented May 4, 2018 at 14:56
  • i have edited everything..i hope everything is correct now now Commented May 4, 2018 at 14:58

1 Answer 1

Reset to default
3

You should use prepare 

$dbName="school_election_db"
$conn=new mysqli_connect($host,dbName); 
if(conn->connect_error())
{
    echo "error occured";
}
else
{
    $stmt=  $conn->prepare("SELECT * 
        FROM voting_details 
        where studentrollno = ? 
        and  studentclass = ?
      and studentsection = ? ") ;
$stmt->bind_param('iis',$studentrollno,$studentclass, $studentsection);
$result=$stmt->execute();
if($result==true)
{
echo "login succesfull";
}
else
{
echo "Please try again";
}
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

might want to address the syntax error -> and studentclass = ?"; and studentsection = ? ") ";
You're missing the bind types: bool mysqli_stmt::bind_param ( string $types , mixed &$var1 [, mixed &$... ] )
this is not a coding service .. looking to the code .. seems correct but only you can check if work right
@aynber added param type too
is your code OOP style..Im asking becuase in bind parameter part you have written PDO:PARAM_INT.Sorry for asking such lame questions..im a beginner :)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.