0

I'm trying to insert prepared statemant multiple values in my database through these two queries, which are both malfunctioning, returning either

Uncaught Error: Call to undefined method mysqli_stmt::bindValue()

for the first code or

Uncaught ValueError: mysqli_stmt::execute(): Argument #1 ($params) must be a list array

for second one. When I type list instead of array, it says

syntax error

notice all variable, table and column names are a simplified variant

I've seen a lot of similar questions, but none of them answer my problem. Not even the one that this is the 'duplicate' of.

Does anyone have a solution, or, maybe, an alternative?

Here are the two codes:

if(isset($_POST['ID'], $_POST['atr1'])){

        $sql = $db -> prepare("INSERT INTO some_table (ID, atr_place) VALUES (':fir', ':sec')");
        
        $sql -> bindValue(':fir', $_POST['ID'],);
        $sql -> bindValue(':sec', $_POST['atr1'],);
        $sql -> execute();
}

$sql = $db -> prepare("INSERT INTO some_table (ID, atr_place) VALUES (:fir, :sec)");
$sql -> execute(array(
    ':fir' => $_POST['ID'],
    ':sec' => $_POST['atr1'],
));
Dharman
  • 30,962
  • 25
  • 85
  • 135
lordsanken
  • 38
  • 11
  • 1
    `Call to undefined method mysqli_stmt::bindValue()` - the MySQLi extension does not provide a `bindValue` method, that is PDO only. – CBroe May 11 '22 at 10:08
  • i've tried using bind_param() but that retruns a: Uncaught ArgumentCountError: The number of elements in the type definition string must match the number of bind variables – lordsanken May 11 '22 at 10:09
  • 1
    You seem to be confused between mysqli and PDO. Make sure you're looking at the right tutorials for the library you're using. As well as what's pointed out above, mysqli also doesn't support named parameters. P.S. "doesn't work" is worse than useless as a problem statement. Unless you show precisely what you tried and precisely what error you got, no-one can help you resolve that. – ADyson May 11 '22 at 10:09
  • https://phpdelusions.net/mysqli contains some nice simple examples of using prepared statements and parameters with mysqli. You could, of course, also [read the mysqli manual](https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php).... :-) – ADyson May 11 '22 at 10:11
  • "Doesn't work" does not work for us, as a problem description. – CBroe May 11 '22 at 10:11
  • Does this answer your question? [Using php pdo to insert records in database](https://stackoverflow.com/questions/34748662/using-php-pdo-to-insert-records-in-database) – S N Sharma May 11 '22 at 10:15
  • `Uncaught ValueError: mysqli_stmt::execute(): Argument #1 ($params) must be a list array` - this method expects a simple array with a zero-based index, not an associative one. And the reason for that is, that MySQLi does not support named placeholders to begin with, you can only use `?` in your query, not `:foo`. Since it all depends on the _order_ of the passed values then, a associative array would make little sense at this point. – CBroe May 11 '22 at 10:15
  • https://stackoverflow.com/questions/34748662/using-php-pdo-to-insert-records-in-database – S N Sharma May 11 '22 at 10:15
  • @SNSharma That's not much use, since the OP isn't using PDO. Did you read any of the comments? Or look at the question tags, or the error messages? – ADyson May 11 '22 at 10:20

2 Answers2

3

As the error messages make clear, you're using the mysqli library to communicate with your database. However your code seems to be based on examples which use PDO, which is a different library entirely. While superficially some of the function names are similar, they actually have different APIs and requirements.

For example, some API differences are:

  • mysqli doesn't support named parameters, only anonymous placeholders specified with ?
  • PDO has bindParam and bindValue functions, whereas mysqli has bind_param
  • until PHP 8.1, mysqli did not accept a parameter list provided directly via the execute() function.

This code should work with mysqli:

If you have PHP 8.1 or above:

$sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?, ?)");
$sql->execute(array($_POST['ID'], $_POST['atr1']));

Otherwise:

$sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?, ?)");
$sql->bind_param("ss", $_POST['ID'], $_POST['atr1']
$sql->execute();
ADyson
  • 57,178
  • 14
  • 51
  • 63
0

You're trying to use PDO functions in MySQLi. It would help to read through the docs to get an understanding, but from what I can gather, you'd be looking for;

if(isset($_POST['ID'], $_POST['atr1'])){
    $sql = $db->prepare("INSERT INTO some_table (ID, atr_place) VALUES (?,)");
    $sql->bind_param('is', $_POST['ID'],$_POST['atr1']); // i=int s=string
    $sql->execute();
}
Can O' Spam
  • 2,718
  • 4
  • 19
  • 45