I've been trying to get a php/mysqli simple search up and running, but i can't seem to get it working. I've been following some directions i found in an earlier question (Link) but it still won't work.
$sql = 'SELECT product_title FROM product ';
$where = array();
$values = array();
$types = '';
if (isset($_GET['searchText']) and $_GET['searchText'] != '') {
$where[] = 'WHERE product_title = ?';
$values['titel'] = $_GET['searchText'];
$types .= 's';
}
if (isset($_GET['searchCategorySelect']) and $_GET['searchCategorySelect'] != '') {
$where[] = 'WHERE product_categoryid = ?';
$values['category'] = $_GET['searchCategorySelect'];
$types .= 's';
}
$sql .= implode(' AND ',$where);
$values = array_unshift($values, $types);
$search_stmt = $mysqli->prepare($sql);
$search_stmt->bind_param($values);
$search_stmt->execute();
That results in this error message: "Wrong parameter count for mysqli_stmt::bind_param() in..."
Some advice or help would be appreciated.
mysqli_stmt::bind_param expects minimum of 2 parameters, but you are passing one
Syntax:
bool PDOStatement::bindParam ( mixed $parameter , mixed &$variable [, int $data_type = PDO::PARAM_STR [, int $length [, mixed $driver_options ]]] )
Where
Parameter: Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
Variable: Name of the PHP variable to bind to the SQL statement parameter.
data_type: Explicit data type for the parameter using the PDO::PARAM_* constants. To return an INOUT parameter from a stored procedure, use the bitwise OR operator to set the PDO::PARAM_INPUT_OUTPUT bits for the data_type parameter.
length: Length of the data type. To indicate that a parameter is an OUT parameter from a stored procedure, you must explicitly set the length.
You could also do it like this:
$values = array_unshift($values, $types);
call_user_func_array (array ($search_stmt, 'bind_param'), $values);
$search_stmte->execute();