php bind_param for multiple values

Question

For some reason, when I try to use multiple bind params I can't get them to work.

$stmt = $mysqli->prepare("SELECT * FROM `course_timetable` WHERE 'student_id'=(SELECT 'student_id' FROM `student_accounts` WHERE `username`=?) AND `group`= (SELECT `group` FROM `student_timetable` WHERE `student_id` = (SELECT `student_id` FROM `student_accounts` WHERE `username`=?)");
    $stmt->bind_param('ss', $inputUser, $inputUser);

This is the error:

Fatal error: Call to a member function bind_param() on a non-object in /home/u926308913/public_html/get_user_timetable.php on line 10

Answer 1

The $mysqli->prepare function is most likely returning false, due to an error in your SQL statement.

I do notice the following errors:

SELECT * FROM `course_timetable` WHERE 'student_id'=(SELECT 'student_id' FROM `student_accounts` WHERE `username`=?) AND `group`= (SELECT `group` FROM `student_timetable` WHERE `student_id` = (SELECT `student_id` FROM `student_accounts` WHERE `username`=?)
---------------------------------------^----------^---------^----------^

Try replacing ' with `

Before binding the parameters, you can make sure the prepare statement succeeded, by doing this:

$stmt = $mysqli->prepare("SELECT * FROM `course_timetable` WHERE `student_id`=(SELECT `student_id` FROM `student_accounts` WHERE `username`=?) AND `group`= (SELECT `group` FROM `student_timetable` WHERE `student_id` = (SELECT `student_id` FROM `student_accounts` WHERE `username`=?)");

if ($stmt !== FALSE)
{
    $stmt->bind_param('ss', $inputUser, $inputUser);
}
else
{
    echo $mysqli->error; // optional - returns a string description of the last error
}

Have a look at the docs PHP - mysqli::prepare for further information.

Also, in case it helps, have a read up on JOINs, which may provide you with a better way of retrieving the records you want: Understanding JOINs in MySQL and Other Relational Databases