Having another PHP issue that's probably something simple, but I'd really appreciate any help!
My function does a mysqli count but the $count parameter it gets bound to is not changed, even though the sql runs fine and there are no errors.
The function:
function itemsCount ($conn, $list_id) {
$count = 0;
if (!($stmt = $conn->prepare("SELECT count(uid) FROM collection.user_list_item WHERE list_id = ?"))) {
echo "Prepare failed: " . $mysqli->error;
}
if (!($stmt->bind_param('i', $list_id))) {
echo "Bind failed: " . $stmt->error;
}
if (!($stmt->execute())) {
echo "Execute failed: " . $stmt->error;
}
if (!($stmt->bind_result($count))) {
echo "Bind failed: " . $stmt->error;
}
echo $count;
$stmt->close();
return $count;
}
And the call:
public function doAdd ($conn, $list_id, $item_id) {
if ($this->itemsCount($conn, $list_id) < 20) {
...do stuff ...
}
}
Sorry the code isn't very nice, but please help point me in the right direction!
var_dump the $list_id, the param bind i, expect a integer. I expect your var to be a string which you can see with the var_dump. Either cast the string to int, or use a different param bind.
Related
I'm trying to loop through a stored procedure, called via prepared statement, in PHP. Hopefully it's not impossible. Here's my PHP code:
$database = new mysqli($server, $user, $pass, $db);
$stmt = $database->prepare("CALL thisShouldReturnEightResultSets (?)");
$stmt->bind_param("i", $id);
$stmt->execute();
do {
if ($res = $stmt->bind_result($myvar)) {
$stmt->fetch();
echo "*" . $myvar . "<br/>";
} else {
if ($stmt->errno) {
echo "Store failed: (" . $stmt->errno . ") " . $stmt->error;
}
}
} while ($stmt->next_result());
That should print like so:
* 4
* 16
* 7
etc...
... and then exit once it runs of out result sets. Instead I get:
* 4
Fatal error: Call to undefined method mysqli_stmt::next_result()
At first I tried get_result instead of bind_result, but that errored. Based on this I found that I don't have the mysqlnd driver installed. Iworked around that with bind_result. Now I need a work around for next_result which I'm guessing is part of the mysqlnd driver as well. What are my options here? Tech notes:
PHP Version 5.3.2-1ubuntu4.11
Thanks.
I don't think you can do this with a prepared statement, since you don't have the MYSQLND driver. You'll have to do it the old fashioned way, with escaping.
$id = $database->real_escape_string($id);
if ($database->multi_query("CALL thisShouldReturnEightResultSets ('$id')")) {
do {
if ($result = $database->store_result()) {
while ($row = $result->fetch_row()) {
echo "*" . $row[0] . "<br/>";
}
}
} while ($database->next_result());
}
bindResult does not like multiple results.
Use get_result() then fetch_assoc and store in an array,
Then use a foreach loop to output your results.
$res = $stmt->get_result();
$array[];
while($x = $res->fetch_assoc()){
$array[]=$x;
}
This question already has answers here:
Build SELECT query with dynamic number of LIKE conditions as a mysqli prepared statement
(2 answers)
Closed 3 years ago.
I'm trying to make a function that receive a query (sql) and a parameter (array) but I receive this error:
PHP Warning: Parameter 2 to mysqli_stmt::bind_param() expected to be
a reference, value given
My code is:
function dbRead($query, $param) {
$mysqli = new mysqli(DB::READ_HOST, DB::READ_USER, DB::READ_PASS, DB::NAME);
// Check that connection was successful.
if ($mysqli->connect_error) {
$result = "Connection error";
} else {
// Check that $conn creation succeeded
if ($conn = $mysqli->prepare($query)) {
call_user_func_array(array($conn, 'bind_param'), $param);
$conn->execute();
$result = $conn->get_result();
$result = $result->fetch_array();
$conn->close();
} else {
$result = "Prepare failed";
}
}
$mysqli->close();
return $result;
}
$test = dbRead('SELECT * FROM user WHERE id=? and email=?', array(123,'example#example.com'))
And if my function code is
function dbRead($query, $param) {
$mysqli = new mysqli(DB::READ_HOST, DB::READ_USER, DB::READ_PASS, DB::NAME);
// Check that connection was successful.
if ($mysqli->connect_error) {
$result = "Connection error";
} else {
// Check that $conn creation succeeded
if ($conn = $mysqli->prepare($query)) {
$ref = array();
foreach ($param as $key => $value) {
$ref[$key] = &$param[$key];
}
call_user_func_array(array($conn, 'bind_param'), $ref);
$conn->execute();
$result = $conn->get_result();
$result = $result->fetch_array();
$conn->close();
} else {
$result = "Prepare failed";
}
}
$mysqli->close();
return $result;
}
I receive this error
PHP Warning: mysqli_stmt::bind_param(): Number of elements in type
definition string doesn't match number of bind variables
My PHP version is 5.4.36
I was trying to do something very similar and pieced together the solution from a few different posts on PHP References and bind_param. What's probably not immediately clear from the bind_param examples (or you forgot) is that the first argument is a string of the parameter types, one character per parameter (in your case, likely "is" for int and string), and you already got that the rest of the arguments must be references in your second function definition.
So, creating the arguments array should be something like this instead:
$ref = array("is");
foreach ($param as $value)
$ref[count($ref)] = &$value;
Though there are many ways to do it... and you should probably pass in the argument types along with the query, but MySQL seems to be relaxed when it comes to type exact types. I also prefer to pass the connection around, and support multiple result rows, e.g.:
function doRead($conn, $query, $argTypes, $args){
$success = false;
$execParams = array($argTypes);
foreach($args as $a)
$execParams[count($execParams)] = &$a;
if (!$stmt = $conn->prepare($query)){
echo "Prepare failed: (" . $conn->errno . ") " . $conn->error;
}else if (!call_user_func_array(array($stmt, "bind_param"), $execParams)){
echo "Param Bind failed, [" . implode(",", $args) . "]:" . $argTypes . " (" . $stmt->errno . ") " . $stmt->error;
} else if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
} else
$success = true;
$ret = array();
if($success){
$res = $stmt->get_result();
while ($row = $res->fetch_array(MYSQLI_ASSOC))
array_push($ret, $row);
}
$stmt->close();
return $ret;
}
I am trying to achieve secure queries using prepared statements:
if (!($stmt = $db->prepare($q['query1']))) {
myException("Prepare failed: (" . $db->errno . ") " . $db->error);
} else if (!$stmt->bind_param("si", $variable1, $variable2)) {
myException("Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error);
} else if (!$stmt->execute() || !$stmt->store_result()) {
myException("Execute failed: (" . $stmt->errno . ") " . $stmt->error);
} else {
(...)
Is it the best way to do this? This code is unreadable. Can I use something like try catch block instead of if/else if? Will it work well?
As You suppose, this would be much clearer:
try {
$stmt = $db->prepare($q['query1']);
$stmt->bind_param("si", $variable1, $variable2);
$stmt->bind_param("is", $variable3, $variable4);
if($stmt->execute()) {
$stmt->store_result();
$stmt->bind_result($result);
$stmt->close();
} else {
throw new Exception("error");
}
} catch (\Exception $e) {
echo $e->getMessage();
}
[code has been edited due to OP request]
try {
$stmt = $db->prepare($q['query']);
$stmt->bind_param("s", $s);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($result);
if ($stmt->fetch()) {
$stmt->close();
return $result;
}
else
throw new Exception("error");
} catch (Exception $e) {
myExceptionHandler($e);
}
Will you accept that code? :)
I'm new to mysqli, I wrote a function as below.
1 - I couldn't find a way for SELECT * query and having bind_result to assign each column value to the same name variable. (e.g. name column value of #row stores to $name)
I think bind_result() has no function on a SELECT * query?
2 - So I tried another option, to fetch all rows and assign them to appropriate variable manually through a loop. I think I should use $query->fetch_all() or $query->fetch_assoc() for looping but I encounter with this:
Fatal error: Call to undefined method mysqli_result::fetch_all()
or
Fatal error: Call to undefined method mysqli_result::fetch_assoc()
However I did a phpinfo() and saw mysqlnd was enabled and php version is 5.4.7 (running XAMPP v1.8.1)
And 3- what finally I did is below idea that doesn't work either.
function the_names($name)
{
global $db;
if($query = $db->prepare("SELECT * FROM users where name=?"))
{
$query->bind_param('s', $name);
if($query->execute())
{
$query->store_result();
if($query->num_rows > 1)
{
while($row = $query->fetch())
{
echo $row['name']; // Here is the problem
}
}
else
echo "not valid";
$query->close();
}
}
}
I need a way to store all fetched data as what bind_result() does, or having them in an array for later use, and it's much better to know both. tnx
One word to answer all your questions at once - PDO
It has everything you are trying to get from mysqli (in vain):
function the_names($name)
{
global $db;
$query = $db->prepare("SELECT * FROM users where name=?");
$query->execute(array($name));
return $query->fetchAll();
}
$names = the_names('Joe');
foreach ($names as $row) {
echo $row['name'];
}
Note the proper way of using a function. it should never echo anything, but only return the data for the future use
If your mysqli code doesn't have binding_param() you can just write code like below :
$mysqli = new mysqli("localhost" , "root" , "" , "database_name");
$result = $mysqli->query( "SELECT * FROM users where name=" . $name) ;
while ( $row = $result->fetch_assoc() ) {
echo $row["name"];
}
If you use binding_param() code , you also need to set bind_result()
$db = new mysqli("localhost" , "root" , "" , "database_name");
function the_names($name){
global $db;
/* Prepared statement, stage 1: prepare */
if (!($query = $db->prepare("SELECT * FROM users where name=?"))) { # prepare sql
echo "Prepare failed: (" . $db->errno . ") " . $db->error;
}
/* Prepared statement, stage 2: bind and execute */
if (!$query->bind_param("s", $name)) { # giving param to "?" in prepare sql
echo "Binding parameters failed: (" . $query->errno . ") " . $query->error;
}
if (!$query->execute()) {
echo "Execute failed: (" . $query->errno . ") " . $query->error;
}
$query->store_result(); # store result so we can count it below...
if( $query->num_rows > 0){ # if data more than 0 [ that also mean "if not empty" ]
# Declare the output field of database
$out_id = NULL;
$out_name = NULL;
$out_age = NULL;
if (!$query->bind_result($out_id, $out_name , $out_age)) {
/*
* Blind result should same with your database table !
* Example : my database
* -users
* id ( 11 int )
* name ( 255 string )
* age ( 11 int )
* then the blind_result() code is : bind_result($out_id, $out_name , $out_age)
*/
echo "Binding output parameters failed: (" . $query->errno . ") " . $query->error;
}
while ($query->fetch()) {
# print the out field
printf("id = %s <br /> name = %s <br /> age = %s <br />", $out_id, $out_name , $out_age);
}
}else{
echo "not valid";
}
}
the_names("panji asmara");
Reference :
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
This question already has answers here:
Call to undefined method mysqli_stmt::get_result
(10 answers)
Closed 9 years ago.
I am executing select query using mysqli ...
/** ------------ queries ---------- **/
$stmt = $mysqli->prepare("SELECT * FROM dept");
if(! $stmt)
{
echo "statement not prepared well";
}
else
{
echo $mysqli->error;
}
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
// add else
else{
echo "Query is successfully executed but no result fetch";
}
if (!($res = $stmt->get_result())) {
echo "Getting result set failed: (" . $stmt->errno . ") " . $stmt->error;
}
/** ------------------------------- **/
#------result ----
var_dump($res->fetch_all());
#---------(/result)----
My problem is the execute() is working fine but cannot fetch the records ... The table has good amount of data in it ... it is showing "Query is successfully executed but no result fetch" and after it Fatal error: Call to undefined method mysqli_stmt::get_result()
What am I doing wrong .. ?
Break the following
if (!($res = $stmt->get_result())) {
to
$res = $stmt->get_result();
if( !$res ) {
Or rather to
$res = $stmt->get_result();
if( $res->num_rows == 0 ) {
The error(I didn't notice it earlier) is because
mysqli_stmt::get_result() is available only with mysqlnd.
You need to install/configure it following the guidelines here.
What am I doing wrong .. ?
You are using mysqli instead of PDO
Whole your code could be rewritten in these few lines using PDO:
$stmt = $pdo->prepare("SELECT * FROM dept");
$stmt->execute();
var_dump($stmt->fetchall());
without all these numerous if and echo.
And the difference will be even bigger when you start with prepared statements