I'm trying to insert prepared statemant multiple values in my database through these two queries, which are both malfunctioning, returning either
Uncaught Error: Call to undefined method mysqli_stmt::bindValue()
for the first code or
Uncaught ValueError: mysqli_stmt::execute(): Argument #1 ($params) must be a list array
for second one. When I type list
instead of array
, it says
syntax error
notice all variable, table and column names are a simplified variant
I've seen a lot of similar questions, but none of them answer my problem. Not even the one that this is the 'duplicate' of.
Does anyone have a solution, or, maybe, an alternative?
Here are the two codes:
if(isset($_POST['ID'], $_POST['atr1'])){
$sql = $db -> prepare("INSERT INTO some_table (ID, atr_place) VALUES (':fir', ':sec')");
$sql -> bindValue(':fir', $_POST['ID'],);
$sql -> bindValue(':sec', $_POST['atr1'],);
$sql -> execute();
}
$sql = $db -> prepare("INSERT INTO some_table (ID, atr_place) VALUES (:fir, :sec)");
$sql -> execute(array(
':fir' => $_POST['ID'],
':sec' => $_POST['atr1'],
));
CodePudding user response:
As the error messages make clear, you're using the mysqli library to communicate with your database. However your code seems to be based on examples which use PDO, which is a different library entirely. While superficially some of the function names are similar, they actually have different APIs and requirements.
For example, some API differences are:
- mysqli doesn't support named parameters, only anonymous placeholders specified with
?
- PDO has bindParam and bindValue functions, whereas mysqli has bind_param
- until PHP 8.1, mysqli did not accept a parameter list provided directly via the execute() function.
This code should work with mysqli:
If you have PHP 8.1 or above:
$sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?, ?)");
$sql->execute(array($_POST['ID'], $_POST['atr1']));
Otherwise:
$sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?, ?)");
$sql->bind_param("ss", $_POST['ID'], $_POST['atr1']
$sql->execute();
CodePudding user response:
You're trying to use PDO functions in MySQLi. It would help to read through the docs to get an understanding, but from what I can gather, you'd be looking for;
if(isset($_POST['ID'], $_POST['atr1'])){
$sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?,)");
$sql->bind_param('is', $_POST['ID'],$_POST['atr1']); // i=int s=string
$sql->execute();
}