The following query is resulting in the browser printing a
"does not match number of parameters"
type of error.
Why is this happening?
When I replace with
LIKE '%".$country."%'
and get rid of the bind_param it does not bring up any errors.$query = "
SELECT * from (
SELECT link
FROM items
WHERE countries LIKE '%?%'
ORDER BY value DESC
LIMIT 10
) T ORDER BY RAND()
LIMIT 1
";
if ($statement = $mysqli->prepare($query))
{
$statement->bind_param("s", $country);
$statement->execute();
$statement->store_result();
$statement->bind_result($link);
$statement->fetch();
$statement->free_result();
$statement->close();
}
I'd like to prepare the statement instead of inserting raw data into the query.
%
must be part of the value :$query = "
SELECT * from (
SELECT link
FROM items
WHERE countries LIKE ?
ORDER BY value DESC
LIMIT 10
) T ORDER BY RAND()
LIMIT 1
";
if ($statement = $mysqli->prepare($query))
{
$statement->bind_param("s","%".$Country."%");
$statement->execute();
$statement->store_result();
$statement->bind_result($link);
$statement->fetch();
$statement->free_result();
$statement->close();
}
0 comments:
Post a Comment