mysqli_stmt_bind_param trying to pass mixed variables as a string

Question

            foreach ($data_acceptable as $key => $value)
        {
            if($key != 'submit' && $value != 'submit')
            {
                $fields_array[] = $key;
                $values_array[] = $value;
                $placeholder_type .= "s";
                $placeholder_num .= "?,";
                $complete_array_info .= '$data_acceptable'."['".$key."'], ";

            }
        }


        // Builds strings from arrays
        $fields = implode(", ", $fields_array);
        // Adds '  ' around column names , example = 'user_name'
        $values = "'".implode("', '", $values_array)."'";
        // Removes last , example = ?,?,?
        $placeholder_num = substr($placeholder_num, 0, -1); 
        $complete_array_info = substr($complete_array_info, 0, -2);

        echo $complete_array_info."<br /><br />"; // outputs: $data_acceptable['email'], $data_acceptable['user_name'], $data_acceptable['password']
        echo $placeholder_type."<br /><br />"; // outputs: sss

        $query = "INSERT INTO users (".$fields.") VALUES (".$placeholder_num.")";

        echo $query;

        echo "<br />".$values."<br />"; 

        $stmt = mysqli_prepare($dbc, $query);

        mysqli_stmt_bind_param($stmt, $placeholder_type, $complete_array_info);

        mysqli_stmt_execute($stmt);

        $affected_rows = mysqli_stmt_affected_rows($stmt);

        if($affected_rows == 1){
            echo 'User Entered';
            mysqli_stmt_close($stmt);
            mysqli_close($dbc);
        } else {
            echo 'Error Occurred<br>';
            echo mysqli_error();
            mysqli_stmt_close($stmt);
            mysqli_close($dbc);
        }

What I'm trying to accomplish is to build a string ($complete_array_info) to store the syntax for the mixed var's within the mysqli_stmt_bind_param($stmt, $placeholder_type, $complete_array_info);

The error I'm getting is that my sss stored within $placeholder_type is defining 3 string variables to pass through the $placeholder_num (?,?,?) but the $complete_array_info ($data_acceptable['email'], $data_acceptable['user_name'], $data_acceptable['password']) isn't performing the proper argument required. If I paste the contents of $complete_array_info in it's place everything works fine.

I'm relatively new to php and MySQL, so maybe there's a completely other function to use that I'm unaware of but the end goal of all this is to have my own personal function which I can reuse to create a prepared statement for inserting any number of columns through a placeholder into my db.

Any help will be greatly appreciated.

You can not bind an array of parameters in mysqli. Try this way: http://stackoverflow.com/questions/16236395/bind-param-with-array-of-parameters - Or migrate to PDO. — Paul Spiegel, Apr 22 '17 at 15:41
Possible duplicate of [Bind Param with array of parameters](http://stackoverflow.com/questions/16236395/bind-param-with-array-of-parameters) — Paul Spiegel, Apr 22 '17 at 15:41
`$complete_array_info = "$data_acceptable['email'], $data_acceptable['user_name'], $data_acceptable['password']";` which is just a string, not an actual array. Maybe I am misunderstanding the bind an array comment in your response? — Fused, Apr 22 '17 at 17:07

mysqli_stmt_bind_param trying to pass mixed variables as a string

0 Answers0