PHP Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement

Question

Not sure why I\'m getting this PHP warning message. It appears there are four parameters in the prepared statement, and also four variables in bind_param(). Thanks for any

Answer 1

if($stmt = $mysqli -> prepare("SELECT url, month, year, cover_image FROM back_issues ORDER BY year DESC, month DESC")) {
   $stmt -> bind_param("ssis", $url, $month, $year, $cover_image);
   [...]
}

these lines don't make any sense! If you want to use parameters, you have to use them into a where condition or similar, pretty much like:

$mysqli->prepare("SELECT * FROM back_issues WHERE url =? AND month =? AND year =? and cover_image = ?");
$stmt->bind_param("ssis", $url, $month, $year, $cover_image);

If you don't have any placeholder to bind with parameters, bind_param() method will produce the error you're running throug. Moreover, what that IF statement supposed to do? If you want to verify if that query produce any result, you have first to run it and, then, to verify.

Answer 2

You do not need to bind parameters in this case. Placeholders are used for the values in an INSERT statement, or in a WHERE clause. (Note that placeholders are not allowed for identifiers, such as the column names in your statement.) A valid, simplified statement with placeholders would look like:

"SELECT url, cover_image FROM back_issues WHERE month = ? and year = ?"