I'm having trouble trying to get the following to work:
$stmt = $mysqli->prepare("INSERT INTO member_data (member_id, name, address, telephone, mobile) VALUES (?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE member_data SET name = ?, address = ?, telephone = ?, mobile = ? WHERE member_id = ?");
$stmt->bind_param('ssssssssss', $_SESSION['user_id'], $_POST['new_name'], $_POST['new_address'], $_POST['new_telephone'], $_POST['new_mobile'], $_POST['new_name'], $_POST['new_address'], $_POST['new_telephone'], $_POST['new_mobile'], $_SESSION['user_id']);
$stmt->execute();
$stmt->close();
It doesn't seem to be able to update or insert any values.
I'm sure I've done something wrong, but I've searched and haven't found anything relevant to my issue. Is this the right approach?
EDIT: Working code:
$stmt = $mysqli->prepare("INSERT INTO member_data (member_id, name, address, telephone, mobile) VALUES (?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE name = ?, address = ?, telephone = ?, mobile = ?");
$stmt->bind_param('sssssssss', $_SESSION['user_id'], $_POST['new_name'], $_POST['new_address'], $_POST['new_telephone'], $_POST['new_mobile'], $_POST['new_name'], $_POST['new_address'], $_POST['new_telephone'], $_POST['new_mobile']);
Related
new here
I've come across this problem.
It doesn't seem to be able to use my id's from the two first statements in my last statements as a variable resource, so the sqlcharacter statement fails.
What do i do wrong?
$sqlimg = ("INSERT INTO cimages(image) VALUES(?)");
$stmtimg = $conn->prepare($sqlimg);
$stmtimg->bind_param('s', $image);
$stmtimg->execute();
$img_id = $stmtimg->insert_id;
// I insert the picture first, and retrieve it's ID
$sqlstats = ("INSERT INTO cstats(Strength, Dexterity, Constitution,
Intelligence, Wisdom, Charisma, Aligment) VALUES(?, ?, ?, ?, ?, ?, ?)");
$stmtstats = $conn->prepare($sqlstats);
$stmtstats->bind_param("iiiiiis", $strength, $dexterity, $constitution,
$intelligence, $wisdom, $charisma, $aligment);
$stmtstats->execute();
$stats_id = $stmtstats->insert_id;
// I insert the characters stats, and retrieve it's ID
// Last I insert The user_id and img_id and stats_id
$user_id = mysqli_real_escape_string($conn, $_POST['user_id']);
// I've used the session id to get the user_id already
$sqlcharacter = ("INSERT INTO characters(Cname, Clast, Crace, house,
location, Bgstory, user_id, img_id, stats_id) VALUES(?, ?, ?, ?, ?, ?, ?,
$img_id, $stats_id)");
$stmtChar = $conn->prepare($sqlcharacter);
$stmtChar->bind_param('ssssssiii', $Cname, $Clast, $Crace, $house,
$location, $Bgstory, $user_id, $img_id, $stats_id);
$stmtChar->execute();
The $sqlcharacter string looks like you've got two variables $img_id and $stats_id in there instead of ?, so I think that's why it's not binding those values.
Try changing this:
"INSERT INTO characters(Cname, Clast, Crace, house,
location, Bgstory, user_id, img_id, stats_id) VALUES(?, ?, ?, ?, ?, ?, ?,
$img_id, $stats_id)"
To this:
"INSERT INTO characters(Cname, Clast, Crace, house,
location, Bgstory, user_id, img_id, stats_id) VALUES(?, ?, ?, ?, ?, ?, ?,
?, ?)"
I can conect to my database just fine, but whenever I try to insert data I get a "Call to a member function bind_param() on a non-object" error, which I know means that I must have mistyped the name of a slot, or something, but I just can't see it, I'm connecting locally, do I have to set up something in MyPhP to allow data to be added from a php file? Thanks in advance.
<?php
include 'connect.php';
if (isset($_POST['Slot1'])) {
$Slot1 = $_POST['Slot1'];
}
if (isset($_POST['Slot2'])) {
$Slot2 = $_POST['Slot2'];
}
if (isset($_POST['Slot3'])) {
$Slot3 = $_POST['Slot3'];
}
if (isset($_POST['Slot4'])) {
$Slot4 = $_POST['Slot4'];
}
if (isset($_POST['Slot5'])) {
$Slot5 = $_POST['Slot5'];
}
if (isset($_POST['Slot6'])) {
$Slot6 = $_POST['Slot6'];
}
if (isset($_POST['Slot7'])) {
$Slot7 = $_POST['Slot7'];
}
$stmt = $db->prepare("INSERT INTO `tabel` (Slot1, Slot 2, Slot3, Slot4,Slot5,
Slot6, Slot7)
VALUES (?, ?, ?, ?, ?, ?,?");
$stmt->bind_param('sssssss',$Slot1,$Slot2,$Slot3,$Slot4,$Slot5,$Slot6,$Slot7);
$stmt->execute();
$stmt->close();
header("Location: Display.php")
?>
You have missed one end parenthese
Replace
$stmt = $db->prepare("INSERT INTO `tabel` (Slot1, Slot 2, Slot3, Slot4,Slot5,
Slot6, Slot7)
VALUES (?, ?, ?, ?, ?, ?,?");
To
$stmt = $db->prepare("INSERT INTO `tabel` (Slot1, Slot 2, Slot3, Slot4,Slot5,
Slot6, Slot7)
VALUES (?, ?, ?, ?, ?, ?,?)");
Try to change your query to
$stmt = $db->prepare("INSERT INTO `tabel` (Slot1, Slot 2, Slot3, Slot4,Slot5,Slot6, Slot7)VALUES (?, ?, ?, ?, ?, ?,?)");
I'm new to using mysqli_stmt statements in PHP. No matter, what I try, I can't insert data into my table. I have 2 tables, one, I can insert the data in but this one does not work
if ($new_profile_query = mysqli_prepare($db,
"INSERT INTO profile (
uid,
first_name,
last_name,
biography,
interests,
date_of_birth) VALUES (
?,
?,
?,
?,
?,
?)")) {
//VALUES ('$user_numberr', '$fname', '$lname', '$biography', '$interests', '$dob')";
mysqli_stmt_bind_param($new_profile_query,
"issbbs",
$user_numberr,
$fname,
$lname,
$biography,
$interests,
$dob);
mysqli_stmt_execute($new_profile_query);
mysqli_stmt_close($new_profile_query);
}
I was always using normal querys for inserting data into the database but now I want to make it with prepared statements. I'm already using statements to select data in all my files but insert never worked... And now I ran out of ideas again. Maybe someone can see what I did wrong.
$animeId = $_POST['animeId'];
$username = $_POST['username'];
$rating = $_POST['rating'];
$story = $_POST['story'];
$genre = $_POST['genre'];
$animation = $_POST['animation'];
$characters = $_POST['characters'];
$music = $_POST['music'];
//Datum auslesen
$date = date("Y-m-d H:i:s");
if($insertRating = $con->prepare("INSERT INTO anime_rating (animeId, rating, story, genre, animation, characters, music, user, date) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?"))
{
$insertRating->bind_param("iiiiiiiss", $animeId, $rating, $story, $genre, $animation, $characters, $music, $username, $date);
$insertRating->execute();
$insertRating->close();
}
You have an errant comma in your query:
music, user,) VALUES (?, ?, ?, ?, ?, ?, ?
^^^
HERE
It should be
music, user) VALUES (?, ?, ?, ?, ?, ?, ?
In the statement:
INSERT INTO anime_rating (
animeId,
rating,
story,
genre,
animation,
characters,
music,
user /* 8 columns */)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?") /* 10 parameters */
There are 8 columns listed to insert values into and 10 parameters specified in the values section. Also as pointed out there is the extra comma in the list of values.
The number of columns must match the number of parameters and the number of parameters binding in the following statement:
`$insertRating->bind_param("iiiiiiiss", $animeId, $rating, $story, $genre, $animation, $characters, $music, $username, $date);`
Two errors in the statement:
INSERT INTO anime_rating (animeId, rating, story, genre, animation, characters, music, user,) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?"
^ here and ^ ^
remove the comma
add a closing parentheses before the end of the string.
remove one ,?
Furthermore you should chop one is from the binding:
$insertRating->bind_param("iiiiiiss", $animeId, $rating, $story, $genre, $animation, $characters, $music, $username, $date);
if($insertRating = $con->prepare("INSERT INTO anime_rating (animeId, rating, story, genre, animation, characters, music, user, date) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?"))
The last (") should be placed after the first ) at the end
New code:
if($insertRating = $con->prepare("INSERT INTO anime_rating (animeId, rating, story, genre, animation, characters, music, user, date) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)")
I am receiving error 'Number of variables doesn't match number of parameters in prepared statement'
$stmt = $this->conn->prepare( "INSERT INTO user
(
st1, u1, e1, sa1,
h1, roles_id, name_titles_id, first_name,
last_name, phone, mobile, address_road,
address_area, address_region, post_code, city,
country_id, creation_date, activated_at, modified_date_time,
created_by, referred_by, gender, ad1, status
)
VALUES
(
?, ?, ?, ?,
?, ?, ?, ?,
?, ?, ?, ?,
?, ?, ?, ?,
?, ?, ?, ?,
?, ?, ?, ?, ?
)"
)
$stmt->bind_param('i',$st1);
$stmt->bind_param('s',$u1);
$stmt->bind_param('s',$e1);
$stmt->bind_param('s',$sa1);
$stmt->bind_param('s',$h1);
$stmt->bind_param('i',$roles_id);
$stmt->bind_param('i',$name_titles_id);
$stmt->bind_param('s',$first_name);
$stmt->bind_param('s',$last_name);
$stmt->bind_param('s',$phone);
$stmt->bind_param('s',$mobile);
$stmt->bind_param('s',$address_road);
$stmt->bind_param('s',$address_area);
$stmt->bind_param('s',$address_region);
$stmt->bind_param('s',$post_code);
$stmt->bind_param('s',$city);
$stmt->bind_param('i',$country_id);
$stmt->bind_param('s',$creation_date);
$stmt->bind_param('s',$activated_at);
$stmt->bind_param('s',$modified_date_time);
$stmt->bind_param('i',$created_by);
$stmt->bind_param('i',$referred_by);
$stmt->bind_param('s',$gender);
$stmt->bind_param('s',$ad1);
$stmt->bind_param('i',$status);
Edit:
Just make a small test and it confirms, we can't use multiple bind_param with mysqli.
Not work:
$stmt->bind_param('s',$a);
$stmt->bind_param('s',$b);
Work:
$stmt->bind_param('ss',$a, $b);
Hopefully it'll be useful for future searches.
Your problem is simple. You are trying to do the thing manually, while the number of data asks for the automated process. You have to make a program to create a query for you.
Suppose You have an array with data already. All you need is to define the list of fields to insert
$fields = "st1,u1,e1,sa1,h1,roles_id,name_titles_id,first_name,last_name,phone,";
$fields .= "mobile,address_road,address_area,address_region,post_code,city,";
$fields .= "country_id,creation_date,activated_at,modified_date_time,";
$fields .= "created_by,referred_by,gender,ad1,status" ;
$fields = explode(",",$fields);
and then use some programming. Luckily, it's already done:
include 'safemysql.class.php';
$db = new safeMysql();
$insert = $db->filterArray($_POST,$fields);
$db->query("INSERT INTO user SET ?u", $insert);
And yeah, you are using bind_param wrong way. Correct usage can be seen in the manual page.