Home/ Questions/Q 684421
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T01:48:54+00:00

I am using mysqli_stmt_bind_param() to create an INSERT statement. For some reason I am

  • 0

I am using mysqli_stmt_bind_param() to create an INSERT statement. For some reason I am getting an error. I used mysqli_error() to see the error message, but it’s not especially useful.

Is there a way to just see what query is actually being executed?

the resulting error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘desc,date,expdate,mintix,maxtix,contactname,contactemail,contactphone) VALUES (?’ at line 1

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Prepared statements created by mysqli_prepare() are server-side prepared statements.
    When you execute such a prepared statement only the statement id and the parameters are transferred, not some query string as if you would replace the placeholders by the actual parameters (on the client-side, i.e. your php script).
    But you can see the result in the general log of the MySQL server, see Prepared Statement Logging

    edit: in your case the preparation of the statement fails because desc is a reserved keyword.
    For a list of keywords and how to use them as identifiers (if necessary) see http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html

    $q = '
  INSERT INTO
    `event`
    (
      `cityid`, `name`, `desc`, `date`,
      `expdate`, `mintix`, `maxtix`,
      `contactname`, `contactemail`, `contactphone`
    )
  VALUES
    (
      ?,?,?,?,
      ?,?,?,
      ?,?,?
    )
';

if ( false===($stmt=mysqli_prepare($dblink, $q)) ) {
  /* 
    in production-code you might not want to reveal
    the error string to each and every user
    ...but for this example and for debugging purposes:
  */
  die('mysqli_prepare failed: '.htmlspecialchars(mysqli_error($dblink)));
}

$rc = mysqli_stmt_bind_param(
  $stmt,
  "issssiisss",
  $city,$name,$desc,$date,
  $expdate,$mintix,$maxtix,
  $contactname,$contactemail,$contactphone
);
if ( false===$rc ) {
  die('mysqli_stmt_bind_param failed: '.htmlspecialchars(mysqli_stmt_error($stmt)));
}


if ( false===mysqli_stmt_execute($stmt) ) {
  die('mysqli_stmt_execute failed: '.htmlspecialchars(mysqli_stmt_error($stmt)));
}

mysqli_stmt_close($stmt);
    • 0