Lỗi mysqli_error expects exactly 1 parameter 0 given in

Tengo el siguiente cogido para realizar una consulta de insert pero a la hora de enviar el formulario me aparece el mensaje de :

Warning: mysqli_error() expects exactly 1 parameter, 0 given in C:\xampp_7_3_4\htdocs\Control_flotilla\scripts\reg_vehiculo.php on line 20

Problemas al insertar.

A que se debe como lo podría solucionar??

First, I would construct a simple string variable with the entire SQL statement, and output that to see what it actually generated.

The next thing to realize is that the mysqli...error() functions require an argument which points to the link, such as in your case $insert. IE, the or die (mysqli_connect_error()) should probably be or die (mysqli_error($insert)) or or die (mysqli_connect_error($insert)). Personally, I'd use mysqli_error($insert) since there could be an error that is not related to the connection, but with the statement itself.

AndrisP 193 Posting Pro in Training

7 Years Ago

if you want insert:

INSERT INTO tablename (col1, col2, col3) VALUES (?,?,?)

if you want update table:

UPDATE tablename SET col1 = ? , col2 = ? , col3 = ? WHERE id = ?

your example contain illegal mix of sql commands. And do not directly put variables into SQL, use prepare and execute statement!

Edited 7 Years Ago by AndrisP

rubberman 1,355 Nearly a Posting Virtuoso Featured Poster

7 Years Ago

@AndrisP is correct. If you use prepared statements with placeholders you are much safer from SQL injection attacks for one thing.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Warning: mysqli_error() expects exactly 1 parameter, 0 given in /home/ubuntu/workspace/Project/Admin.php on line 48 Call Stack: 0.0011 239616 1. {main}() /home/ubuntu/workspace/Project/Admin.php:0 0.0028 249744 2. mysqli_error() /home/ubuntu/workspace/Project/Admin.php:48 Error in query: INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email Address`, `Password`) VALUES ('ewqewq', 'qweqw', '', '1966','eqweqe', 'eqwe').

The mysqli_error() function is used to return the error in the most recent MySQL function call that failed. If there are multiple MySQL function calls, the error in the last statement is the one that is pointed out by the function.

The problem is that you need to supply the connection for the function to do anything: PHP mysqli_error() Function[^]

And while we're here ... Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:

SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'

The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:

SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;

Which SQL sees as three separate commands:

SELECT * FROM MyTable WHERE StreetAddress = 'x';

A perfectly valid SELECT

DROP TABLE MyTable;

A perfectly valid "delete the table" command

And everything else is a comment. So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?