Why do I get “Only variables should be passed by reference” in a prepared statement

Question

I am getting the error \"Only variables should be passed by reference\" if my code is like this.

$query = \"SELECT COUNT(`user_id`) FROM `test` WHERE `username`          


        

Answer 1

The bind parameters function of mysqli is intended to

Binds variables to a prepared statement as parameters

the purpose of which is to protect against sql-injection

in your first code block above you attempting to set the variable inside of the bind_param function and in your second block you are setting the variable before the function call

another method would be to just pass in the value

  $stmt->bind_param('si',$username,1);

though this method will work it does violate the strict interpretation, and may trigger warning and/or errors

It is best to always pass in a variable and avoid potential issues

$active = 1;    
$stmt->bind_param('si',$username,$active);