Let me explain the story, so I am starting a website users can join and track stuff from a website, I want to create a postback link that inserts 'payout' into the table with the locker code, but when I try and test it, it gives me this error
Execute failed: (2031) No data supplied for parameters in prepared statement
So here is the code that I used...
<?php
define("MYSQL_HOST", "localhost");
define("MYSQL_PORT", "3306");
define("MYSQL_DB", "dbuser");
define("MYSQL_TABLE", "userpayout");
define("MYSQL_USER", "user");
define("MYSQL_PASS", "dbpassweord");
$mysqli = new mysqli(MYSQL_HOST, MYSQL_USER, MYSQL_PASS, MYSQL_DB);
if ($mysqli->connect_errno)
{
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " .
$mysqli->connect_error;
}
$aff_sub1 = $_GET['aff_sub'];
$aff_sub2 = $_GET['aff_sub'];
$aff_sub3 = $_GET['aff_sub'];
$aff_sub4 = $_GET['aff_sub'];
$aff_sub5 = $_GET['aff_sub'];
$aff_sub6 = $_GET['aff_sub'];
$payout = $_GET['payout'];
if (!($stmt = $mysqli->prepare("UPDATE ".MYSQL_DB.".".MYSQL_TABLE." SET
payout=payout+(?) WHERE aff_sub1=(?)")))
{
echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
$stmt->bind_param('ds', $aff_sub1, $aff_sub2, $aff_sub3, $aff_sub4, $aff_sub5, $aff_sub5, $payout);
if (!$stmt->execute())
{
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
else
{
printf("%d Row updated, added $".$payout." to locker ".$aff_sub1." .\n",
mysqli_stmt_affected_rows($stmt));
}
?>
So I am trying to track multiple aff_subs which are the lockers that they get the payout from. I want to insert it into the row with the same affsubs.
Check the variables $aff_sub1, $aff_sub2, payout etc. before calling bind_param to make sure they are set.
Also make sure the postback link is invoked via GET method, since you are retrieving the variables from $_GET.
Related
I am a bit lost with my prepared statement. My goal it to read a simple small csv file (100 lines and about 10 columns) into a mysql database.
Since I couldn't get that to work I simplified the mysql table to one column for now (OrderUuid). The first part of the code I hardcoded a testvalue for my OrderUuid variable, which gets added to mysql fine. However, when I take the column value form the csv file (line[0]), nothing (an empty string I think) gets added to the db table.
Here is my code:
while(($line = fgetcsv($csvFile)) !== FALSE){
//This works!
$OrderUuid = "Test";
$insertQry2 = $conn->prepare("INSERT INTO orders_test (OrderUuid) VALUES (?)");
$insertQry2->bind_param("s", $OrderUuid);
if(!$insertQry2->execute()){trigger_error("there was an error....".$conn->error, E_USER_WARNING);}
//This doesn't
$OrderUuid = $line[0];
echo $OrderUuid."<br>"; //Returns something like: d17e91d5-63b9-4a56-a413-3274057073c7
$insertQry3 = $conn->prepare("INSERT INTO orders_test (OrderUuid) VALUES (?)");
$insertQry3->bind_param("s", $OrderUuid);
if(!$insertQry3->execute()){trigger_error("there was an error....".$conn->error, E_USER_WARNING);}
}
Any help would be appreciated!
Thanks!
Norm
EDIT 1:
Thanks for all the tips guys! I rewrote the code, but unfortunately the script is still inserting empty strings into my table. There is no error messages whatsoever.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$flag = true;
$data = array();
while(($line = fgetcsv($csvFile)) !== FALSE){
if($flag) { $flag = false; continue; }
$data[] = $line;
}
if (!($stmt = $conn->prepare("INSERT INTO orders_test (OrderUuid) VALUES (?)"))) {
echo "Prepare failed: (" . $conn->errno . ") " . $conn->error;
}
if (!$stmt->bind_param("s", $data[0][0])) {
echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
foreach($data as $dat) {
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
}
Here is my super simple table:
CREATE TABLE orders_test (
OrderUuid varchar(500) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
For anyone that is interested, it was actually super simple in the end. The file contained some letters that the database interpreted as lots of line breaks I think. Therefore applying
strip_tags
did the trick.
I am starting to use mysqli and I got it working on my virtual server but can't get it working on my real server. The databases are the same. I have tried both store and get_result. Any idea what am I doing wrong?
Everything I try to echo, print or var_dump does not show up IF Place after execute but the command will be executed. It worked well on UPDATE and INSERT.
<?php
$mysqli = new mysqli("127.0.0.1", "user", "pass", "db", 3306);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
echo $mysqli->host_info . "\n";
$sam = 1;
$stmt = $mysqli->prepare("SELECT released FROM svers");
$stmt->execute();
echo "#";
var_dump($sam);
$res = $stmt->get_result();
var_dump($res);
$row = $res->fetch_assoc();
var_dump($row);
$mysqli->close();
The host_info is displayed as "127.0.0.1 via TCP/IP" followed By the # I echoed inside the if() but can't get anything from my database. Even the other # between the $row[ ] info are not showing. Here is my code:
<?php
$mysqli = new mysqli("127.0.0.1", "user", "password", "database", 3306);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
echo $mysqli->host_info . "\n";
$stmt = $mysqli->prepare("SELECT * FROM svers ORDER BY released DESC LIMIT 1");
if ($result = $stmt->execute()){
echo "#";
$result = $stmt->get_result();
$row = $result->fetch_array(MYSQLI_BOTH);
echo $row['version'] . "#" . $row['released'] . "#" . $row['note'];
$stmt->free_result();
}else {
echo "error";
}
$mysqli->close();
?>
Ok problem solved. My real server didn't support mysqlnd so can't use get_result(). Thanks for the help guys!
You are saying got it working on my virtual server but can't get it working on my real server.
Then check svers table on real server contains any data.
I am currently trying to update a image on database.The file information is being carried over however I getting the 'Warning: mysql_query() expects parameter 1 to be string, resource given in ' . Heres my code.
$size = $_FILES['file']['size'] ;
$type = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
$name = $_FILES['file']['name'];
mysql_select_db($database_fot, $fot);
$image = addslashes(fread(fopen($tmp_name, "rb"),$size));
$qry = "UPDATE film SET (image)" . " VALUES ('$image')";
$result=mysql_query($qry) or die(mysql_error());
I keep getting the error 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(image) VALUES ('ÿØÿà\0JFIF\0\0\0\0\0\0ÿÛ\0„\0 ' at line 1'
try this maybe it will work
$con = mysqli_connect("hostname", "username", "password" ,"database") or die("Could not connect database"); //the connection line
$query=mysqli_query($con,'UPDATE film SET image="'.$image.'"')or trigger_error(mysqli_error()); ///where $con is the mysqli_connect variable
Note:you should use mysqli instead of mysql because mysql is no longer valid with newer mysql batabases
you should insert the a link to the image instead of the image itself in the database
Use this script.
<?php
ini_set('display_errors', 'On');
ini_set('display_startup_errors', 'On');
error_reporting(E_ALL);
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
$errorinfo = $_FILES['file']["error"];
$filename = $_FILES['file']["name"];
$tmpfile = $_FILES['file']["tmp_name"];
$filesize = $_FILES['file']["size"];
$filetype = $_FILES['file']["type"];
if (!($filetype == "image/jpeg" && $filesize > 0)) {
echo "Import of photo failed";
}
if ($filetype == "image/jpeg" && $filesize > 0 && $filesize < 1048576) {
echo "Import of photo success";
if (!($stmt=$mysqli->prepare("INSERT INTO film (image) VALUE (?)"))) {
echo "Prepare failed: (" . $mysqli->errno . ")" . $mysqli->error;
}
$null = NULL;
if (!$stmt->bind_param("s", $_POST['file'], $null)) {
echo "Binding parameters failed: (" . $stmt->errno .") " . $stmt->error;
}
if (!$stmt->send_long_data(0, file_get_contents($_POST['file']))) {
echo "Did not get contents";
}
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
else {
printf("%d row inserted.<br/>", $stmt->affected_rows);
}
}
else {
echo "Image must be under 1 MB";
}
$stmt->close();
$mysqli->close();
?>
I have read everything I can think of to get an explanation but nothing seems to help. If someone might be able to point out the obvious or give me a slight idea of what is wrong. I have read through php.net and the mysqli tag and can't seem to figure this out. Everything I read says you can't send two queries but I am only trying one. Any help would be much appreciated.
This->https://stackoverflow.com/a/9649149/1626329 - States that maybe I have multiple result sets but I am not sure that makes much sense or what I can do to get more detail on the inner workings of prepared statements.
My Code:
class mydb {
public function __construct() {
// Connect to Database
$this->mydb = new mysqli('****', '***', '***', '***');
if ($this->mydb->connect_errno) { // Error on connection failure
echo "Failed to connect to MySQL in Construct: (" . $this->mydb->connect_errno . ") " . $this->mydb->connect_error;
}
}
public function choose ($select, $from, $config = 0, $options = NULL) {
if ($config === 0) { /** Configure statement for prepare depending on options */
$stmt = 'SELECT ' . $select . ' FROM ' . $from;
} elseif ($config === 1) {
$stmt = 'SELECT ' . $select . ' FROM ' . $from . ' WHERE ' . $options['where_comp'] . ' LIKE ?';
} elseif ($config === 2) {
$stmt = 'SELECT ' . $select . ' FROM ' . $from . ' WHERE ' . $options['where_comp'] . ' = ?';
} /** End if/elseif Prepare statemenet */
$mydb = $this->mydb->prepare($stmt);
if ($config === 1 || $config === 2) {
$mydb->bind_param("s",$options['where_value']);
}
if ($mydb->execute()) { /** If execute is good then get results */
$result = $mydb->get_result();
$payload = array();
while ($row = $result->fetch_array(MYSQLI_NUM)) {
$payload[] = $row;
}
return $payload;
} /** End if results */
} /** End choose class method */
} /** End mydb Class */
$myDB = new mydb();
$agentArray = $myDB->choose('*','`agent`');
Used the php.net example and modified it to show a better example:
$mysqli = new mysqli('host', 'database', 'user', 'pass');
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
if (!($stmt = $mysqli->prepare("SELECT ? FROM ?"))) {
echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
if (!$stmt->execute()) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
if (!($res = $stmt->get_result())) {
echo "Getting result set failed: (" . $stmt->errno . ") " . $stmt->error;
}
for ($row_no = ($res->num_rows - 1); $row_no >= 0; $row_no--) {
$res->data_seek($row_no);
var_dump($res->fetch_assoc());
}
$res->close();
The very first result from the "Related" section on this page (Means it was offered to you while you were in struggle writing your question) offers a solution.
As a general rule, it is quite easy to find an answer to a question based on the error message. Only you need is not to stop at the very first search result but proceed a bit more.
However, on this function choose() of yours. I find it quite impractical, unsafe, and useless:
impractical because it doesn't let you to use SQL, but a very limited subset of it.
and also it makes your code extremely hard to understand.
unsafe because it does offer no protection for all the dynamical parts but where value only
useless because it can save you not that much to worth a mess.
Look, you think you saved yourself 2 words - SELECT and FROM.
$agentArray = $myDB->choose('*','`agent`',1,
array('where_comp' => 'name', 'where_value' -> "%bob%"));
yet you made this code hard to understand, hard to maintain and unable to run ever simplest JOIN. Why not to make it. Not to mention that actual code become longer than conventional SQL query:
$sql = 'SELECT * FROM `agent` WHERE name LIKE ?';
$agentArray = $myDB->query($sql, "%bob%");
which one is easier to read?
Adding an if statement to show the error correctly actually gives a mysql error response that can be used:
if (!($stmt = $mysqli->prepare("SELECT ? FROM ?"))) {
echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
Error response:
Prepare failed: (1064) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1
-- You can't pass identifiers through prepared-statements and you should only use it for values passed from user input.
Hi Im duplicating a row with multiple queries and would like to get the mysql_insert_id() from the result. The duplicating works fine but I seem unable to get the last id from it.
Here is my code:
$mysqli = new mysqli("localhost", "xxxx", "xxxx", "xxxx");
if ($mysqli->connect_errno) {
echo($error_page_header);
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
echo($error_page_footer);
exit;
}
$sql = "CREATE TEMPORARY TABLE tmp ENGINE=MEMORY SELECT * FROM test_table WHERE id=1; ";
$sql.= "UPDATE tmp SET id=NULL; ";
$sql.= "INSERT INTO test_table SELECT * FROM tmp; ";
$sql.= "DROP TABLE tmp; ";
if (!$mysqli->multi_query($sql)) {
echo($error_page_header);
echo "Multi query failed: (" . $mysqli->errno . ") " . $mysqli->error;
echo($error_page_footer);
exit;
} do {
if ($res = $mysqli->store_result()) {
var_dump($res->fetch_all(MYSQLI_ASSOC));
$res->free();
}
} while ($mysqli->more_results() && $mysqli->next_result());
echo( 'id: ' . mysql_insert_id() ); // prints 0
Don't be confused .. ext/mysql and mysqli are not compatible and can't be used with each other. Use $mysqli->insert_id (it's per-connection)