为什么预准备语句会导致绑定中的参数数量错误?

时间:2014-08-29 16:19:20

标签: php mysql mysqli

我正在接受

mysqli_stmt_bind_param(): Number of variables doesn't match number of parameters 

警告

来自以下声明:

mysqli_stmt_bind_param($stmt, "ss", $str_addr_no, $str_addr);

我查看了where ... like个示例,但看不出我的语法有什么问题。

$link = mysqli_connect("localhost","fred","password","h2o_amr");

$str_addr_no = $_REQUEST['meter_street_number'];
$str_addr    = $_REQUEST['meter_street_address'];

$stmt = mysqli_stmt_init($link);
mysqli_stmt_prepare($stmt, "select w.* from water w where w.mtr_addr_no like '?%' and w.mtr_addr_str like '?%' "))

mysqli_stmt_bind_param($stmt, "ss", $str_addr_no, $str_addr);

有没有办法让PHP显示或检查准备好的语句,看看实际准备了多少参数?

1 个答案:

答案 0 :(得分:4)

您引用了占位符:'?%',将它们转换为字符串,而不是占位符。占位符必须是BARE ?字符:

SELECT ... WHERE foo = ? // OK
SELECT ... WHERE Foo = '?' // no parameters here, just a string

对于通配的LIKE查询,您必须诉诸黑客:

SELECT ... WHERE foo LIKE CONCAT('%', ?)