Home/ Questions/Q 9202949
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T23:22:12+00:00

I am trying to insert into a table with Procedural Mysqli. It is not

  • 0

I am trying to insert into a table with Procedural Mysqli. It is not posting any errors nor is it posting the information to the database. Here is my code:

$query = "INSERT INTO Accounts (FirstName, LastName, Username, Password, Access) VALUES ({$_POST['FirstNameTbx']}, {$_POST['LastNameTbx']}, {$_POST['UsernameTbx']}, {$_POST['PasswordTbx']}, {$_POST['AccessDDL']})";
        mysqli_query($link, $query);
        mysqli_close($link);
        $Error .= "$query";

Update:
I changed to prepared statement, now I am getting:

Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn’t match number of bind variables in /home/bryantrx/public_html/ec/add_user.php on line 19

There are only 5 variables that need to be bound, and the UserID auto increments, so it doesn’t need to be bound or referenced in the statement.. 

if ($stmt = $link->prepare("INSERT INTO Accounts (FirstName, LastName, Username, Password, Access) VALUES (?, ?, ?, ?, ?)")){
            $stmt->bind_param($_POST['FirstNameTbx'], $_POST['LastNameTbx'], $_POST['UsernameTbx'], $_POST['PasswordTbx'], $_POST['AccessDDL']);
            $stmt->execute();   
            $Error .= "success";
            $stmt->close();
        } else {
            echo $link->error;
        }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    To get an error message you need to call mysqli_error:

    $error = mysqli_error($link);

    You would also make life easier (and more secure) for yourself if you built your queries using prepare and parameters:

    $query = "INSERT INTO Accounts (FirstName, LastName, Username, Password, Access) 
            VALUES ( ?, ?, ?, ?, ?)";

if ($stmt = mysqli_stmt_prepare($link, $query)) {

    mysqli_stmt_bind_param($stmt, "sssss", 
                $_POST['FirstNameTbx'], 
                $_POST['LastNameTbx'], 
                $_POST['UsernameTbx'], 
                $_POST['PasswordTbx'], 
                $_POST['AccessDDL']);

    if (!mysqli_stmt_execute($stmt)) {
        $error = mysqli_stmt_error($stmt);
    }

    mysqli_stmt_close($stmt);

} else {
    $error = mysqli_error($link);
}

mysqli_close($link);

    UPDATE – ok, you’ve swapped to OO which is fine. When using bind_param the first parameter describes the data you are binding. In this case if it is five strings, you would put 5 “s” like so:

    $stmt->bind_param("sssss", 
           $_POST['FirstNameTbx'], 
           $_POST['LastNameTbx'], 
           $_POST['UsernameTbx'], 
           $_POST['PasswordTbx'], 
           $_POST['AccessDDL']);
    • 0