0

I'm trying out using prepared statements for the first time and running into the following issue with the below code

Error :

Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given

Code :

$stmt = mysqli_prepare($db, "INSERT INTO fragrances(name, description, essentialoils, topnotes, middlenotes, basenotes, reference, year, type, price, fragrancehouse, triangle, extractname, extractreference, extractprice, extractfragrancehouse, disccolour, collarcolour, actuatorcolour)
    VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); 
mysqli_stmt_bind_param($stmt, 'sssssssssssssssssss', $name, $description, $essentialoils, $topnotes, $middlenotes, $basenotes, $reference, $year, $type, $price, $fragrancehouse, $triangle, $extractname, $extractreference, $extractprice, $extractfragrancehouse, $disccolour, $collarcolour, $actuatorcolour);

mysqli_stmt_execute($stmt);

I've looked at many different questions on here and none of their solutions seem to apply for my problem, does anyone know what the issue is?

Improve this question
2

4 Answers 4

Reset to default
4

$stmt becomes a boolean only when mysqli_prepare returns false.

When this happens it means it failed to prepare the query therefore you need to check for errors:

$stmt = mysqli_stmt_init($db);
if (mysqli_stmt_prepare($stmt, 'INSERT INTO fragrances VALUES...')) {
    //it's all good bind and execute here
}else{
   //we have a problem
   printf("Errormessage: %s\n", mysqli_error($db));
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Turned out I had mixed my americanisms up and had a field named collarcolor by mistake! this lead me to the error so is getting the tick, Thanks
2

The error message means your mysqli_prepare returned a boolean (and for your case, it returned false).

You need to replace all your field name by the character ? to make your prepared statement. This is how it works.

See example in the official documentation

EDIT See also mysqli_error , which will detail your error. In fact, you should always check a variable before using it:

$stmt = mysqli_prepare($db, "....");
if(!$stmt)
  echo mysqli_error($db); // display error only for debug. Avoid this in production
Improve this answer

2 Comments

Unfortunately that does not change my error message
So you have an other error. Maybe related to $db. I edited my answer to help you debugging it.
2

It means your SQL was invalid because the prepare is returning false;

Your SQL should be;

$stmt = mysqli_prepare($db, "INSERT INTO fragrances VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )");

Each ? is to show where each parameter needs to be bound respectively.

Improve this answer

Comments

2

Your INSERT statement is invalid: VALUES clause must be with ? in parantheses (and after field names in parentheses). Also good practice is to check $stmt after assigning:

$stmt = mysqli_prepare($db, 
   "INSERT INTO fragrances (name, description, essentialoils, topnotes, middlenotes, basenotes, reference, year, type, price, fragrancehouse, triangle, extractname, extractreference, extractprice, extractfragrancehouse, disccolour, collarcolour, actuatorcolour)
    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 'sssssssssssssssssss', $name, $description, $essentialoils, $topnotes, $middlenotes, $basenotes, $reference, $year, $type, $price, $fragrancehouse, $triangle, $extractname, $extractreference, $extractprice, $extractfragrancehouse, $disccolour, $collarcolour, $actuatorcolour);

    mysqli_stmt_execute($stmt);
    // ...
} else
    printf("Error: %s\n", mysqli_error($db));
Improve this answer

1 Comment

Unfortunately that does still create the same error message (removing the if statement)

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.