Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
hello i have this code which try to insert data in the database but i face error rong parameter count for mysqli
<?php
session_start();
$regValue = $_GET['regName'];
echo "Your registration is: ".$regValue.".";
$servername = "localhost";
$username = "root";
$password = "b4sonic";
$dbname = "b4sonic2";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// prepare and bind
$stmt = $conn->prepare("INSERT INTO b4sonic (first_name) VALUES (?)");
$stmt->bind_param( $firstname);
// set parameters and execute
$firstname = "John";
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
?>
please i ness rapid respone because i work on project and i should comlete it but this probelm
Fred addressed one issue. At the time of bind_param, $firstname isn't defined.
You also aren't calling bind_param correctly.
The first parameter needs to identify the variable type. For instance 's' for string. Refer to the link I added.
// define the variable first
$firstname = "John";
// prepare and bind
$stmt = $conn->prepare("INSERT INTO b4sonic (first_name) VALUES (?)");
$stmt->bind_param("s", $firstname);
// set parameters and execute
$stmt->execute();
put $firstname above your line:
// prepare and bind
$firstname = "John";
$stmt = $conn->prepare("INSERT INTO b4sonic (first_name) VALUES ('$firstname')");
Related
This question already has answers here:
When to close Prepared Statement
(2 answers)
When to call mysqli::close
(4 answers)
Closed 1 year ago.
Is it necessary to close the prepared statement in php by using $stmt->close();
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);
// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john#example.com";
$stmt->execute();
$firstname = "Mary";
$lastname = "Moe";
$email = "mary#example.com";
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
?>
php_mysqli library was written in low level languages which requires manual memory management. Whenever you allocate a new resource it takes some memory from the device RAM to host the allocated data.
Closing allocated resource free's that memory that later could be again used for another allocation requests or lets Operation System to give that part of memory to another programs when needed.
In short: if you want to make your code memory efficient you might want to close resources you've allocated previously. If you don't really care about the efficiency you might not close the resources.
Another think to keep in mind that Operation System also frees allocated memory chunks whenever a program completes execution. So, closing resources manually might not make a noticable improvement in some situations.
References:
C Memory Management - MIT
mysqli_stmt::close - PHP
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 2 years ago.
Improve this question
I'm just trying to store the integer (with id as id) that is entered by the user through html form, in database of phpmyadmin using php and mysql . I'm new to mysql and php. I'm sure that something wrong with the database connection code of php only or mysql queries. Database name is testdb and the table name is testdbtable.
My code is below.
<?php
if (isset($_POST['id'])) {
$integ = $_POST['id'];
}
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "testdb";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO testdbtable (id)
VALUES ('$integ')";
$conn->close();
?>
<!DOCTYPE html>
<html>
<head>
<title>SAMPLE TEST2</title>
</head>
<body>
<form method="post">
<label >Enter your integer:</label>
<input type="number" id="id" name="id">
<br>
<br>
<button type="submit">Submit</button>
</form>
You're defining the query but never run it.
Try this:
$sql = "INSERT INTO testdbtable (id) VALUES ('$integ')";
$conn->query($sql);
As Paul T. said, move the } to the end of the script. Otherwise, even if condition is false, You will just prevent definig $integ, but still running all the rest of the code.
Also, user Prepared Statements to make it more secure.
if (isset($_POST['id'])) {
$integ = $_POST['id'];
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "testdb";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Use prepared statements to make it more secure
$sql = "INSERT INTO testdbtable (id) VALUES (?)";
// Prepare statement and bind params
$stmt = $conn->prepare($sql);
$stmt->bind_param("i", $integ);
// Execute statement
$stmt->execute();
$conn->close();
}
Take a look at Should we ever check for mysqli_connect() errors manually? as #Dharman commented to stop manually error checking.
Before
$conn->close();
you need to run
$conn->query($sql);
This will actually execute the query.
But this is not the end of the story. You have other issues:
Your code is vulnerable to SQL injection attack. Consider changing the line:
$integ = $_POST['id'];
to
$integ = (int)$_POST['id'];
or (better!) learn how to work with prepared statements.
The query will still be invalid. I bet that the datatype of the column "id" in the "testdbtable" is INT and therefore you should not put quotes around its value. So the $sql variable should be:
$sql = "INSERT INTO testdbtable (id) VALUES ($integ)";
And one more thing - move all query-related code inside the if statement. You should not execute the query if the POST variable is not set.
Your <form> tag has no "action" attribute. You should include it so it do an actual post...
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I am trying to insert multiple records in a for loop like so:
$connection = mysqli_connect("localhost", "username", "password");
mysqli_select_db($connection, "database");
for ($i = 1; $i <= $_POST['people']; $i++) {
$stmt = "";
if ($stmt = $connection->prepare("INSERT INTO `table` (firstname, lastname, email, rsvp) VALUES (?,?,?,?)")) {
$stmt->bind_param('ssss', "James", "Smith", "smith#abc.com", "yes");
$stmt->execute();
$stmt->close();
}
}
mysql_close($connection);
But its not inserting, I put in an echo at the beginning of the loop and it only echos once. Please help.
Try assigning all of your customer data to variables first, like so:
$firstname = 'James';
$lastname = 'Smith';
$email = 'smith#abc.com';
$rsvp = 'yes';
$stmt->bind_param('ssss', $firstname, $lastname, $email, $rsvp);
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
<?php
require('database.php');
$user = $_POST["username"];
$password = $_POST["password"];
$location = $_POST["location"];
$stmt = $mysqli->prepare("insert into Userinfo (username, password, location) values (?, ?, ?)");
if(!$stmt) {
//printf("Query prep failed: %s\n", mysqli->error);
echo "query prep failed".$mysqli->error;
exit;
}
$stmt->bind_param('sss', $username, $password, $location);
$stmt->execute();
$stmt->close();
error_log("username ".$user, 3, "/tmp/php_error.log");
}
?>
Database.php
<?php
$mysqli = new mysqli('localhost', 'php', 'passtheword', 'Android');
if($mysqli->connect_errno) {
printf("Connection Failed: %s\n", $mysqli->connect_error);
exit;
}
?>
This query is not modifying my database for some reason. I know 'database.php' is valid, and I don't get an error from the if(!$stmt) section. Nothing breaks, it just doesn't modify the table, Userinfo. Can anyone tell me why?
Change $user to $username. You are binding and inserting $username but you only $_POST to and define $user
This question already has an answer here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 2 years ago.
Having trouble with line 27, Don't quite know why as I am very new to PHP/MySQL.
Was wondering if anybody can advise me why I am getting the error;
"Fatal error: Call to a member function execute() on a non-object in
C:\xampp\htdocs\testscripts\usercreate.php on line 27"
in the following code:
<?php
$name = $_POST["name"];
$psswrd = $_POST["psswrd"];
$username = "root";
$password = "hidden";
$hostname = "localhost";
$table = "testtable";
// create connection to database
// ...
$db= new mysqli($hostname, $username, $password, $table);
// sanitize the inputs
// ...
// create an MD5 hash of the password
$psswrd = md5($psswrd);
// save the values to the database
$sql = "INSERT INTO accounts (name, psswrd) VALUES (:name, :psswrd)";
$stmt = $db->prepare($sql);
$stmt->execute(array(
":name" => $name,
":psswrd" => $psswrd
));
->prepare returns false if an error occurred. Since $stmt->execute is complaining of being called on a non-object, it's reasonable to assume that something went wrong with the query.
Check $db->error.
Try this :
$db= new mysqli($hostname, $username, $password, $table);
if ($db->connect_errno) {
throw new Exception($db->connect_error, $db->connect_errno);
}
$psswrd = md5($psswrd);
// save the values to the database
$sql = "INSERT INTO accounts (name, psswrd) VALUES (:name, :psswrd)";
$stmt = $db->prepare($sql);
if (!$stmt) {
throw new Exception($db->error);
}
$stmt->execute(array(
":name" => $name,
":psswrd" => $psswrd
));
Show your all exception for better idea of given error.
First thing, the fourth parameter the MySQLi class takes is the database name, not the table name.
So, change the$table = 'testtable'; to something like this : $dbname = 'dbname';
Also, in your code, you are using named parameters (:name and :passwrd). This won't work because MySQLi doesn't support named parameters. PDO (PHP Data Objects) supports named parameters. If you use the PDO class to connect to the database, your script will work fine!
If you want to connect to the database using the MySQLi class, do this :
$name = $_POST['name'];
$psswrd = $_POST['psswrd'];
$username = "root";
$password = "";
$hostname = "localhost";
$dbname = "dbname";
// create connection to database
// ...
$db= new mysqli($hostname, $username, $password, $dbname);
// sanitize the inputs
// ...
// create an MD5 hash of the password
$psswrd = md5($psswrd);
// save the values to the database
$sql = "INSERT INTO `testtable` (id, name) VALUES (?, ?)";
$stmt = $db->prepare($sql);
$stmt->bind_param('ss', $name, $psswrd);
$stmt->execute();
Try that. Use question marks instead of named parameters.
In the bind_param() function, I've written the first parameter as 'ss'. The two 's' here stands for Strings. If you had an integer data, you could have replaced 's' with 'i'.
It's pretty self explanatory as to why there are two 's'. It's because you are binding two variables to the SQL query, both of them are strings. Hence the two 's'.