I'm trying to fetch only one value of returned row .. here's what i have tried
function getUserEmail($username) {
global $mysqli;
$stmt = $mysqli->prepare("SELECT COUNT(*) FROM users WHERE username =? LIMIT 1");
$stmt->bind_param("s", $username);
$stmt->execute();
$userEmail = $stmt->fetch_object()->useremail;
return $userEmail;
}
I get this error
Fatal error: Call to undefined method mysqli_stmt::fetch_object()
what I'm looking for is only getting the user's email no need to fetch other data.
mysqli_stmt doesn't have a method fetch_object, but mysqli_result does.
see http://docs.php.net/manual/en/mysqli-stmt.get-result.php
Related
I've been doing SQL for over a year now, and have became completely stuck. For some reason, i'm not able to return any values from this table as I get the error
mysqli_fetch_array(): Argument #1 ($result) must be of type mysqli_result, mysqli_stmt given
I'm completely floored as to why this is happening, as i've used these kind of queries in the past
The code i'm using is
$user = "testuser";
$q = $conn->prepare("SELECT * FROM users WHERE username = ?");
$q->bind_param("s", $user);
$q->execute();
while($row = mysqli_fetch_array($q))
var_dump($row);
If I do var_dump($q), then I get an object object(mysqli_stmt)#3 (10) with no errors and the correct amount of fields. I'm just not able to read anything from this for some reason.
Thanks!
You need to call a get_result() before you can fetch your data
$user = "testuser";
$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
var_dump($row);
}
PS. better to use fetch_assoc() instead of fetch_array()
I'm currently working on a login script, and I got this code:
$selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->execute();
if ($selectUser->num_rows() < 0)
echo "no_user";
else
{
$user = $selectUser->fetch_assoc();
echo $user['id'];
}
Here's the error I get:
Fatal error: Uncaught Error: Call to undefined method
mysqli_stmt::fetch_assoc()
I tried all sorts of variations, like:
$result = $selectUser->execute();
$user = $result->fetch_assoc();
and more... nothing worked.
That's because fetch_assoc is not part of a mysqli_stmt object. fetch_assoc belongs to the mysqli_result class. You can use mysqli_stmt::get_result to first get a result object and then call fetch_assoc:
$selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->execute();
$result = $selectUser->get_result();
$assoc = $result->fetch_assoc();
Alternatively, you can use bind_result to bind the query's columns to variables and use fetch() instead:
$selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->bind_result($id, $password, $salt);
$selectUser->execute();
while($selectUser->fetch())
{
//$id, $password and $salt contain the values you're looking for
}
1) you need the mysqlInd driver.
The variable $db is of type mysqli_stmt, not mysqli_result. The mysqli_stmt class doesn't have a method fetch_assoc() defined for it.
You can get a mysqli_result object from your mysqli_stmt object by calling its get_result() method. For this you need the mysqlInd driver installed!
Alternative try this
$selectUser = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$selectUser->bind_param('s', $username);
$selectUser->execute();
$selectUser->bind_result($id, $password,$salt);
while ($selectUser->fetch()) {
printf("%s %s %s\n", $id, $password,$salt);
}
for more info about this Reference link
Now talk of alternatives.
PDO, unlike mysqli, never have a problem like this. It can fetch you an array out of a prepared statement without the need of installing any additional modules.
$stmt = $db->prepare("SELECT `id`,`password`,`salt` FROM `users` WHERE `username`=?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if (!$user) {
echo "no_user";
} else {
echo $user['id'];
}
See, it works exactly the way you would expect and require two times less code to write. Not to mention other wonderful features.
I have a sql statement to update confirm code and code in the database. I'm using bind param to bind the variables. It worked fine for my select and insert sql statements. However, it keeps giving me this error:
Fatal error: Uncaught Error: Call to a member function bind_param() on boolean
when I tried to execute the update query. I tried to search on every forums possible but found no answers and I hope someone could maybe spot my mistake. I'm having issues with $query1. Both code and confirmcode are varchar and not integer.
$username = $_GET['username'];
$code = $_GET['code'];
$confirmcode = "1";
$updatecode ="0";
$query=$con->prepare("SELECT username, code FROM customer_detail WHERE username ='$username'");
$query->execute();
$query->bind_result($checkusername, $checkcode);
$query->fetch();
$query1=$con->prepare("UPDATE customer_detail SET code=?, confirmcode=? WHERE username = ?"); //error
$query1->bind_param('sss',$username, $updatecode, $confirmcode); //error
$query1->execute();
The problem is that MySQLi can't run multiple queries at once, because it uses ubuffered queries. You'll need to close the first statement before you can run another. Add the following line after $query->fetch();.
$query->close();
This being said, your first query isn't guarded against SQL injection, because you use the variable directly in the query. Adding proper placeholders for your query, the final code would look like this
$query = $con->prepare("SELECT username, code FROM customer_detail WHERE username =?");
$query->bind_param('s', $username);
$query->execute();
$query->bind_result($checkusername, $checkcode);
$query->fetch();
$query->close();
$query1 = $con->prepare("UPDATE customer_detail SET code=?, confirmcode=? WHERE username = ?");
$query1->bind_param('sss',$username, $updatecode, $confirmcode);
$query1->execute();
$query1->close();
Try below code. Basically, you need to bind the params in the same order in which the placeholders (?) appear in the sql.
$query=$con->prepare("SELECT username, code FROM customer_detail WHERE username = ?");
$query->bind_param('s', $username);
$query->execute();
$query->bind_result($checkusername, $checkcode);
$query->fetch();
$query1=$con->prepare("UPDATE customer_detail SET code=?, confirmcode=? WHERE username = ?");
$query1->bind_param('sss', $updatecode, $confirmcode, $username);
$query1->execute();
Have you tried tis?
$query1->bind_param('iis', $updatecode, $confirmcode, $username);
I have seen numorous questions similar to this, however I still can't seem to resolve the problem, so sorry if this may be a duplicate.
Anyway here is the code:
/**
* 8.This method is used to get no of pending bets.
*/
public function noOfPendingBets($userId){
$res = array();
$stmt = $this->conn->prepare("select bet_id from user_bets where user_id=?");
echo $userId;
$stmt->bind_param("s", $userId);
$stmt->execute();
$stmt->bind_result($bet_id);
$num_row=0;
$stmt->fetch();
echo "bet_id:".$bet_id."<br>";
$sumBets=$this->abc($bet_id);
$num_row = $num_row+$sumBets;
$stmt->close();
return $num_row;
}
public function abc($bet_id)
{
$stmt = $this->conn->prepare("select u.user_id from user u inner join bets b on u.user_id=b.creator_id and b.bet_id=? and b.correct_option is null");
$stmt->bind_param("i", $bet_id);
$stmt->execute();
$stmt->store_result();
echo "no of rows:".$stmt->num_rows;
return $stmt->num_rows;
$stmt->close();
}
Your error is:
Fatal error: Call to a member function bind_param() on a non-object
So, bind_pamam() has a parent that is a non-object. That should be your $stmt variable. So $stmt is not an object. Add in this test:
if (!is_object($stmt)) die('ERROR: My statement is not an object!');
Just after you've made the statement. If you get the error message then you know what the problem is. I cannot explain, from the code you've given, why this does occur, and why it doesn't generate an error sooner.
So I just started learning PDO (and to be honest, I'm not fairly sure what I'm doing) and I want my code to get the number of rows that have the username that the user inputted, so that I would be able to check if the username already exists. This is what I have so far.
$username = $_POST['username'];
$user_check = $dbh->query("SELECT * FROM users WHERE username = :username");
$dbh->bindParam(':username', $username, PDO::PARAM_STR);
$user_row_count = $user_check->rowCount();
echo $user_row_count;
However this gives me an error that says Fatal error: Call to undefined method PDO::bindParam() in /var/www/register.php on line 41
A few minor niggles:
PDO::query() actually executes the SQL provided as its argument; to use SQL that includes parameter placeholders, you must first prepare the query and then execute it.
The result of a call to PDO::prepare() is a PDOStatement object, which supports the bindParam() method.
One must execute a statement before one can obtain the number of rows that it returns.
Therefore:
$username = $_POST['username'];
$user_check = $dbh->prepare("SELECT * FROM users WHERE username = :username");
$user_check->bindParam(':username', $username, PDO::PARAM_STR);
$user_check->execute();
$user_row_count = $user_check->rowCount();
echo $user_row_count;