在PHP中执行预准备语句时出错

时间:2014-04-23 12:02:37

标签: php mysql sql

我有以下代码,它在准备好的语句行上给出了错误:

homepage.php

<html>
<head>
</head>
<body>
<ul id="list">
            <li><h3><a href="#">tops</a></h3></li>
            <li><h3><a href="#">suits</a></h3></li>
            <li><h3><a href="#">jeans</a></h3></li>
            <li><h3><a href="newpage.php?name=women">more</a></h3></li>
            </ul>
</body>
</html>

newpage.php

<?php
$mysqli = new mysqli('localhost', 'root', '', 'shop');

   if(mysqli_connect_errno()) {
      echo "Connection Failed: " . mysqli_connect_errno();
      }
?>
<html>
<head>
</head>
<body>
<?php
session_start();
$lcSearchVal=$_GET['name'];
//echo "hi";
$lcSearcharr=explode("-",$lcSearchVal);
$result=count($lcSearchVal);
//echo $result;



$parts = array();
$parts1=array();
foreach( $lcSearcharr as $lcSearchWord ){
    $parts[] = '`PNAME` LIKE "%'.mysqli_real_escape_string($lcSearchWord).'%"';
    $parts1[] = '`TAGS` LIKE "%'.$lcSearchWord.'%"';
    //$parts[] = '`CATEGORY` LIKE "%'.$lcSearchWord.'%"';
}
$stmt = $mysqli->prepare("SELECT * FROM xml where ('.implode ('AND',?).')");
$stmt->bind_Param("s",$parts);

$list=array();
if ($stmt->execute()) {
  while ($row = $stmt->fetch()) {
    $list[]=$row;
  }
}


    $stmt->close();

    $mysqli->close();
foreach($list as $array)
{
?>
            <div class="image">
<img src="<?php echo $array['IMAGEURL']?>" width="200px" height="200px"/></a>
<?php
}
?>
</div>
</body>
</html>

php文件中的SQL查询未执行。我收到以下错误:

  

mysqli_stmt :: bind_param():变量数量与预备语句中的参数数量不匹配

我无法纠正错误,我已经尝试了很多。

1 个答案:

答案 0 :(得分:0)

更改

$parts[] = '`PNAME` LIKE "%'.mysql_real_escape_string($lcSearchWord).'%"';

$parts[] = '`PNAME` LIKE "%'.mysqli_real_escape_string($lcSearchWord).'%"';