错误:mysqli_stmt :: bind_param():类型定义字符串中的元素数与绑定变量数不匹配

时间:2016-02-13 22:02:16

标签: php

我不确定出了什么问题,一切似乎都没问题。

警告: mysqli_stmt :: bind_param():类型定义字符串中的元素数与第88行上的绑定变量数不匹配

<?php
error_reporting(E_ALL); 
ini_set('display_errors', 1);

include_once 'db_connect.php';
include_once 'ex-config.php';


 
$error_msg = "";
 
if (isset($_POST['username'], $_POST['email'], $_POST['p'])) {
    // Sanitize and validate the data passed in
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
    $email = filter_var($email, FILTER_VALIDATE_EMAIL);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        // Not a valid email
        $error_msg .= '<p class="error">The email address you entered is not valid</p>';
    }
 
    $password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);
    if (strlen($password) != 128) {
        // The hashed pwd should be 128 characters long.
        // If it's not, something really odd has happened
        $error_msg .= '<p class="error">Invalid password configuration.</p>';
    }
 
    // Username validity and password validity have been checked client side.
    // This should should be adequate as nobody gains any advantage from
    // breaking these rules.
    //
 
    $prep_stmt = "SELECT id FROM members WHERE email = ? LIMIT 1";
    $stmt = $mysqli->prepare($prep_stmt);
 
   // check existing email  
    if ($stmt) {
        $stmt->bind_param('s', $email);
        $stmt->execute();
        $stmt->store_result();
 
        if ($stmt->num_rows == 1) {
            // A user with this email address already exists
            $error_msg .= '<p class="error">A user with this email address already exists.</p>';
                        $stmt->close();
        }
                $stmt->close();
    } else {
        $error_msg .= '<p class="error">Database error Line 39</p>';
                $stmt->close();
    }
 
    // check existing username
    $prep_stmt = "SELECT id FROM members WHERE username = ? LIMIT 1";
    $stmt = $mysqli->prepare($prep_stmt);
 
    if ($stmt) {
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();
 
                if ($stmt->num_rows == 1) {
                        // A user with this username already exists
                        $error_msg .= '<p class="error">A user with this username already exists</p>';
                        $stmt->close();
                }
                $stmt->close();
        } else {
                $error_msg .= '<p class="error">Database error line 55</p>';
                $stmt->close();
        }
 
    // TODO: 
    // We'll also have to account for the situation where the user doesn't have
    // rights to do registration, by checking what type of user is attempting to
    // perform the operation.
 
    if (empty($error_msg)) {
 
        // Create hashed password using the password_hash function.
        // This function salts it with a random salt and can be verified with
        // the password_verify function.
        $password = password_hash($password, PASSWORD_BCRYPT);
 
        // Insert the new user into the database 
        if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password) VALUES (?, ?, ?)")) {
            $insert_stmt->bind_param('ssss', $username, $email, $password); // THIS IS LINE 88
            // Execute the prepared query.
            if (! $insert_stmt->execute()) {
                // header('Location: ../error.php?err=Registration failure: INSERT');
                // exit;
                trigger_error("there was an error....".$mysqli->error, E_USER_WARNING);
            }
        }
        else (header('Location: ../register_success.php'));
        exit;
    }
}

来源:http://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL

2 个答案:

答案 0 :(得分:4)

bind_param('ssss', $username, $email, $password); 
            ^^^^        ^        ^        ^
            ||||        |        |        |
        4 parameters    1        2        3          4?

4!== 3

答案 1 :(得分:-1)

我想如果删除's'可以解决您的问题:

$insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password) VALUES (?, ?, ?)")) {

$insert_stmt->bind_param('sss', $username, $email, $password); // THIS IS LINE 88