(PHP) 警告：mysqli_stmt::bind_param(): 变量数与准备语句中的参数数不匹配

Question

我有以下问题。

    $mysqldb = mysqlidb_class();
    $query = "select * from post where idx < ?"

然后我绑定参数并执行。

    $bindvariable = array();
    array_push($bindvariable, $post_photoidx);
    array_push($bindvariable, $post_idx);
    $res = $mysqldb->rawQuery($query, $bindvariable);

然后我得到以下错误。

    Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement

但是当我像下面这样更改查询时，错误消失了。

    $query = "select * from post where idx = ?"

我在这里做错了什么？

这是我用于 mysql 查询的类

    <?php

    class MysqliDb
    {
        ......

        public function rawQuery ($query, $bindParams = null, $sanitize = true)
        {
            $this->_query = $query;
            if ($sanitize)
                $this->_query = filter_var ($query, FILTER_SANITIZE_STRING,
                                        FILTER_FLAG_NO_ENCODE_QUOTES);
            $stmt = $this->_prepareQuery();
            if (is_array($bindParams) === true) {
                $params = array(''); // Create the empty 0 index
                foreach ($bindParams as $prop => $val) {
                    $params[0] .= $this->_determineType($val);
                    array_push($params, $bindParams[$prop]);
                }
                call_user_func_array(array($stmt, 'bind_param'), $this->refValues($params));
            }
            $stmt->execute();
            $this->_stmtError = $stmt->error;
            $this->reset();
            return $this->_dynamicBindResults($stmt);
        }

        ......

        protected function _buildQuery($numRows = null, $tableData = null)
        {
            $this->_buildJoin();
            $this->_buildTableData ($tableData);
            $this->_buildWhere();
            $this->_buildGroupBy();
            $this->_buildOrderBy();
            $this->_buildLimit ($numRows);
            $this->_lastQuery = $this->replacePlaceHolders ($this->_query, $this->_bindParams);
            if ($this->isSubQuery)
                return;
            // Prepare query
            $stmt = $this->_prepareQuery();
            // Bind parameters to statement if any
            if (count ($this->_bindParams) > 1)
                call_user_func_array(array($stmt, 'bind_param'), $this->refValues($this->_bindParams));
            return $stmt;
        }

        protected function _prepareQuery()
        {
            if (!$stmt = $this->_mysqli->prepare($this->_query)) {
                trigger_error("Problem preparing query ($this->_query) " . $this->_mysqli->error, E_USER_ERROR);
            }
            return $stmt;
        }

        protected function refValues($arr)
        {
            //Reference is required for PHP 5.3+
            if (strnatcmp(phpversion(), '5.3') >= 0) {
                $refs = array();
                foreach ($arr as $key => $value) {
                    $refs[$key] = & $arr[$key];
                }
                return $refs;
            }
            return $arr;
        }

    ......

    } // END class

Answer 1

您可能不会使用数组 (2)。 相反，使用

$sql = "select * from post where idx < :i";
$stmt->bindparam("i", 2);
$stmt->execute();

或使用

$array = array($something,$else,$whatever); 
$sql = "select * from post where idx < ?";
$stmt->bindparam("i", $array[2]);
$stmt->execute();

Answer 2

您似乎没有在为查询出价之前准备查询。

$sql = "SELECT * FROM post WHERE idx < ?"; 

if($stmt = $stmt->prepare($sql)) {
    $stmt->bind_param('i', 2);
    $stmt->execute();
}   

Answer 3

Santize 过滤器破坏了我的 SQL 查询。

我已将源更改为以下以解决问题。

    $mysqldb->rawQuery($query, $bindvariable, false);