Using bind_parameters with unknown number of parameters

Question

I am using php with mysqli for a web project.

Supposed we need to find the song with title "She is like the wind".
If we were for sure that the user would input the words of the song in order we could do that (pseudocode):

get input and apply explode()
concat each word with % between them
and execute query

With this input: "she the wind", which will be transformed to "%she%the%wind%", the song will be found.
But when the input is like this: "wind like" -> "%wind%like%", the song will not be found.

I thought of making the $query string by adding like %?% and as much times as the length of the array of words is. So the $query string is ready.

The problem shows up with bind parameters $vars argument.
Again the $types string can be concatenated by something like this:

$types .= "s"; //again, the number of times as the length of the array.

But what about the variables representing the words? If there are 2 words the function call will be something like:

bind("ss", $word1, $word2)

How many $word variables to use?

We could set a maximum number of words to search, in example 5, but here we get another problem. What would be the contents of the variables that will not be used? In example, if input is 2 words, what will the 3 last vars contain?

Answer 1

For the variable number of binding parameters you can just bind them in a loop, one at time.

However, in your present case you have actually only one variable to bind. So, just make your search string into variable and then bind it to the query.