I have a function that generates a prepared INSERT statement based on an associative array of column names and values to be inserted into that column and a table name (a simple string):
function insert ($param, $table) {
$sqlString = "INSERT INTO $table (".implode(', ',array_keys($param)).') VALUES ('.str_repeat('?, ', (count($param) - 1)).'?)';
if ($statement = $this->conn->prepare($sqlString)):
$parameters = array_merge(array($this->bindParams($param), $param));
call_user_func_array(array($statement, 'bind_param', $parameters));
if (!$statement->execute()):
die('Error! '.$statement->error());
endif;
$statement->close();
return true;
else:
die("Could Not Run Statement");
endif;
}
My problem is that $this->conn->prepare (it's part of a class, conn is a NEW mysqli object, which works with no issues) returns false, but does not give me a reason why!
Here is a sample $sqlString that gets built for the prepare statement:
INSERT INTO students (PhoneNumber, FirstName, MiddleInit, LastName, Email, Password, SignupType, Active, SignupDate) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
Can anyone see a problem with this parameterized statement? Any reason the prepare function would return false?
I'm copying the solution into this answer so this can be given an upvote, otherwise the question will appear in the "unanswered questions" forever. I'm marking this answer CW so I won't get any points.
@Andrew E. says:
I just turned on
mysqli_report(MYSQLI_REPORT_ALL)
to get a better understanding of what was going on - turns out that one of my field names was incorrect - you'd think thatprepare()
would throw an exception, but it fails silently.