-1

I'm trying to simply update a table with dynamic variables and I am stuck, I have read and searched how to do dynamic binding and have found out that I need to use call_user_func_array() but I tried to use it as below and it still doesn't work, can someone show me how to use it?

$a = array('ssi');
$b = array($_POST['h'], $_POST['m'],  2);
$params = array_merge($a, $b);

 $stmt = $db->prepare("UPDATE `test` set field_1 = ?, field_2 = ? where id = ?");
 call_user_func_array(array(&$stmt, 'bind_param'), $params);
 $stmt->execute();

I am getting the below error

Warning: Parameter 2 to mysqli_stmt::bind_param() expected to be a reference, value given

can someone help me out? I have looked at other similar questions and still stuck.

user2666310
  • 103
  • 2
  • 15
  • `var_dump($stmt);` PS: Why did you put `&` in front of `$stmt`? – zerkms Oct 06 '14 at 22:57
  • Are you mixing up the arguments in call_user_func_array()? http://php.net/manual/en/function.call-user-func-array.php says that the first argument should be the function name (bind_param) to be called, and then an array of (references to) function params as second argument. – cjs1978 Oct 06 '14 at 23:00
  • What other similar questions did you look at? Why did you stick with `mysqli` then, if PDO avoids that workaround? – mario Oct 06 '14 at 23:01
  • @zerkms, I did the var_dump and it gave me `bool(false)` and I was able to fix it since I had the table name wrong. now I am getting ` Warning: Parameter 2 to mysqli_stmt::bind_param() expected to be a reference, value given` I just copied it from other answers. – user2666310 Oct 06 '14 at 23:02
  • @Mario http://stackoverflow.com/questions/793471/use-one-bind-param-with-variable-number-of-input-vars, http://stackoverflow.com/questions/5100046/how-to-bind-mysqli-bind-param-arguments-dynamically-in-php – user2666310 Oct 06 '14 at 23:06
  • Sorry, I'm wrong (above), an array as first argument is perfectly fine when the function is a class method. – cjs1978 Oct 06 '14 at 23:09

1 Answers1

1

What is wrong with this?

$db = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);

$params = array($_POST['h'], $_POST['m'],  2);

$stmt = $db->prepare("UPDATE `test` set field_1 = ?, field_2 = ? where id = ?");

$stmt->execute($data);

Alternatively, if you insist on mysqli:

$db = new mysqli($host, $user, $pass, $dbname);

$stmt = $db->prepare("UPDATE `test` set field_1 = ?, field_2 = ? where id = ?");

$stmt->bind_param("ssi", $_POST['h'], $_POST['m'],  2);

$stmt->execute();
miken32
  • 42,008
  • 16
  • 111
  • 154
  • Thanks, fixed that quote. PDO is a much better database interface; I assume the OP is learning this stuff so would rather point him or her in the direction of something better than what they're trying to do. I wish PDO had been around back when I started out! – miken32 Oct 06 '14 at 23:16
  • Thanks, while the alternative method was pointless since I am trying to avoid binding like that, the PDO version was much easier and it worked. – user2666310 Oct 06 '14 at 23:21
  • Yup, PDO is much superior, no worries about counting how many s and i you have in your statements, just pass your array and go! – miken32 Oct 06 '14 at 23:23