I want to prepare a mysql script that first checks the id of the user based on given email and later on use this found id in the next query. What I did so far is as follows:
$find_id = "SELECT id from client
WHERE email = ? ";
$statement = $mysqli->prepare($find_id);
$statement->bind_param("s", $client_mail);
$statement->execute();
$statement->bind_result($id);
$statement->free();
$sql = "SELECT client_name, contact_name from client_addr
WHERE client_id = ? AND is_actual < ? ";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("is", $id, "Y");
$stmt->execute();
$result = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
echo json_encode($result);
but now I'm getting the error related to this line:
$statement->free();
that says Call to undefined method mysqli_stmt::free() in.
However, when I remove this line I'm getting the error:
Uncaught exception 'mysqli_sql_exception' with message 'Commands out of sync; you can't run this command now'
on this line:
$stmt = $mysqli->prepare($sql);
How can I fix it?
I believe the function you're trying to use would be mysqli_stmt::free_result(). You'll need to change this line:
$statement->free();
To:
$statement->free_result();
The second Uncaught exception occurs because mysqli is an unbuffered SQL query handler, so you should store your results if you're looping simultaneous executions with something like $stmt->store_result(); and then you can unload the mysqli buffer to state a new query.
Related
I have following lines of code to fetch multiple records using PHP 7.3
$query = "Select * from tblorders";
$stmt = $connection->prepare($query);
$stmt->execute();
$result = $stmt->fetchAll();
The last line issues as error.
Error Details
Uncaught Error: Call to undefined method mysqli_stmt::fetchAll()
I can confirm that the connection is not null and has proper connection details.
Am I missing anything?
This is because there is no such function! You are mixing PDO and mysqli.
If you want to fetch all records from a mysqli prepared statement you need to do it in two steps. First, fetch the result set using mysqli_stmt::get_result() and then use mysqli_result::fetch_all()
$query = "Select * from tblorders";
$stmt = $connection->prepare($query);
$stmt->execute();
$resultSet = $stmt->get_result();
$data = $resultSet->fetch_all(MYSQLI_ASSOC);
However, I would strongly advise learning PDO instead of mysqli as it is much easier and offers more options.
I made this code to display my user's details if I search for their email.
file.php
$sql = "SELECT * FROM users WHERE email='$email'";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $email);
$stmt->execute();
$result2 = $stmt->get_result();
file.html
while ($row = $result2->fetch_assoc()) { //results }
The problem with this code is that I get always a fatal error.
Fatal error: Uncaught Error: Call to a member function fetch_assoc() on null in ____ Stack trace: #0 {main} thrown in ______
Even though my script works perfectly because when I am searching for my users detail it shows them as expected.
What do they mean with this error? Can I get SQL Injected if I stay it like this? How can I remove this error?
1.) Fix binding your email parameter....
$sql = "SELECT * FROM users WHERE email='?'";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $email);
$stmt->execute();
$result2 = $stmt->get_result();
2.) For error you're getting i assume you get some error, you should check for $result2, if it's false > that means error
Does anyone have any idea why I get two errors for such a simple query? Error message are:
Warning: mysqli::prepare(): Couldn't fetch mysqli in (...)/functions.php on line 503
Fatal error: Call to a member function bind_param() on null in (...)functions.php on line 504
$query_select = ("SELECT * FROM vat WHERE vat_status = ?");
$stmt = $mysqli->prepare($query_select); // line 503
$stmt->bind_param("s", $vat_status);
$stmt->execute();
$stmt->store_result();
$count = $stmt->num_rows();
$stmt->bind_result ($vat_id ,
$vat_rate ,
$vat_account ,
$vat_description ,
$vat_status ,
$vat_timestamp );
The problem was that I was triggering an UPDATE statement and then an SELECT statement, and both of them used $stmt variable. That was what went wrong.
Now I use
mysqli_stmt_close($stmt);
Which really closes the $stmt and frees the result, so I can trigger after an update, the select statement.
The following code is producing the error: Notice: Undefined variable: morrisons.
I have absolutely no idea why this error is occuring, it seems to be a problem with the actual assigned variable in that it just doesn't get assigned.
$sql = "SELECT name
FROM stds
INNER JOIN `users`
ON users.`id` = stds.`id`
WHERE users.`username` = ?";
if ($stmt = $db->prepare($sql)) {
$stmt->bind_param("s", $_POST['username']);
$stmt->execute();
$stmt->bind_result($morrisons);
$stmt->fetch();
$stmt->close();
}
echo $morrisons;
$stmt->bind_result($morrisons);
This line only executes if this line
if ($stmt = $db->prepare($sql)) {
produces a true result. Otherwise the whole block is skipped and $morrisons never gets declared. So this line
echo $morrisons;
will produce an error. So the root cause is that $db->prepare returns false, which means the query is wrong in some way or the database connection is gone. Check for errors in this case.
I'm running two queries in my script room.php. Both are using MySQLi prepared statements, and their code are as follows:
/* Get room name */
$stmt = $mysqli->prepare('SELECT name FROM `rooms` WHERE r_id=?');
$stmt->bind_param('i', $roomID);
$stmt->execute();
$stmt->bind_result($roomName)
/* Add this user to the room */
$stmt = $mysqli->prepare('INSERT INTO `room_users` (r_id, u_id) VALUES (?, ?)');
$stmt->bind_param('ii', $roomID, $_SESSION['userID']);
$stmt->execute();
When I run the script, I get this error:
Fatal error: Call to a member function bind_param() on a non-object in C:\wamp\www\room.php on line 24
Which is the second query. If I remove the first query from the script, everything runs fine. Likewise if I remove the second query. Which leads me to believe there's a problem because I'm reusing the $stmt object. If I try the second query using $stmt2 I still get the error.
All my database tables and fields exist, so there's nothing wrong with the queries.
All of the mysqli functions/methods can fail in which case they will return false. I.e. if prepare() fails $stmt isn't an object you can call a method on but a bool(false). You have to check the return values and add some error handling, e.g.
$stmt = $mysqli->prepare('SELECT name FROM `rooms` WHERE r_id=?');
if ( !$stmt ) {
printf('errno: %d, error: %s', $mysqli->errno, $mysqli->error);
die;
}
$b = $stmt->bind_param('i', $roomID);
if ( !$b ) {
printf('errno: %d, error: %s', $stmt->errno, $stmt->error);
}
$b = $stmt->execute();
if ( !$b ) {
and so on and on
see http://docs.php.net/mysqli-stmt.errno et al
in this case you probably bumped into the problem that you can't create an other statement while there are still results/result sets pending for the previous statement.
see http://docs.php.net/mysqli-stmt.close:
Closes a prepared statement. mysqli_stmt_close() also deallocates the statement handle. If the current statement has pending or unread results, this function cancels them so that the next query can be executed.