0

Clearly there something I miss when I try to do my prepare statement for a SELECT query.

Can any body tell me how the correct version is:

$db = new mysqli($config_databaseServer, $config_databaseUsername ,$config_databasePassword, $config_databaseName);

if(isset($_POST['queryString'])) {
            $queryString = $db->real_escape_string($_POST['queryString']);
            
            if(strlen($queryString) >3) {
                
                $numberOfProducts = $_POST['numberOfProducts'];
                $numberOfBrands = $_POST['numberOfBrands'];
                $query = $db->prepare("SELECT name, image_url FROM `".$config_databaseTablePrefix."products` WHERE name LIKE '?%' LIMIT ?");
                $query->bind_param('ss', $queryString, $numberOfProducts);
                $query->execute();
                if($query) {
                   while ($result = $query ->fetch_object()) {
                code continues..

Error:

Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement

Fatal error: Call to undefined method mysqli_stmt::fetch_object()

I only have two variables?

Community
  • 1
  • 1
Troels Johannesen
  • 725
  • 2
  • 7
  • 30

0 Answers0