I'am trying to make a PHP login for my university website where I want the user to login with their usernames.
I'm trying this query in mysqli with prepared statements but its giving error like the number of parameters exceed. It's giving the right error and I know that I'm causing any issue/problem somewhere.
$user_roll = $_SESSION['roll'];
$stmt = $conn->prepare("
SELECT roll, name, course, semester FROM students WHERE roll = ?
");
$stmt->bind_param('isssi',$roll,$name,$course,$semester,$user_roll);
You are doing a mix of ->bind_param() and bind_result(). You only need the 1 param ($user_roll) in ->bind_param(), and the others will be used in ->bind_result() after your ->execute(), for example -
$user_roll = $_SESSION['roll'];
$stmt = $conn->prepare("SELECT roll, name, course, semester FROM students WHERE roll = ?");
$stmt->bind_param('i',$user_roll);
$stmt->execute();
$stmt->bind_result($roll,$name,$course,$semester);
while($stmt->fetch()){
echo $roll."<br />";
echo $name."<br />";
echo $course."<br />";
echo $semester;
}