Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
A friend of mine who isn't currently around massively helped on this script I am currently updating my old one however it is bringing up the following error message;
Fatal error: Call to undefined method mysqli_stmt::bind_params()
$stmt = $db->prepare( $sql );
if (!$stmt)
{
die("Failed to prepare statement: " . $sql);
}
// here I only get the title, website, and summary from the <form>
// that posted to this page:
$title = $_POST["news_title"];
$img = $_POST["news_imgPath"];
$desc = $_POST["news_content"];
$more = $_POST["news_websitePath"];
$stmt->bind_params("ssss", $title, $img, $desc, $more );
if ( ! $stmt->execute() )
{
die("Execution of bound statement failed: " . $stmt->error);
}
echo "Inserted {$stmt->affected_rows} correctly.<hr/>";
$db->close();
Fatal error: Call to undefined method mysqli_stmt::bind_params()
bind_param , not bind_params()
^
You misspelled bind_param
$stmt->bind_param("ssss", $title, $img, $desc, $more );
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
So basically I got this code right here:
<?php
include_once 'dbconfig2.php';
$con = new DB_con();
$table = "users";
if(isset($_GET['profile_id']))
{
$sql=mysql_query("SELECT * FROM users WHERE user_id=".$_GET['profile_id']);
$result=mysql_fetch_array($sql);
}
?>
I am clueless as to how I would make it so if the user_id is not existent in the records, they cannot view their profile but it leads them to another messsage or piece of code.
If the user_id doesn't exist, there won't be any rows in the result. When you try to read a row with mysql_fetch_array(), it returns FALSE. So you can simply test $result:
if (!$result) {
die("Invalid profile ID");
}
Try to use prepared statements using mysqli, in order to avoid sql injection.
By way of example:
$mysqli = new mysqli("localhost", "root", "root", "test");
if ($mysqli->connect_errno) {
echo "connect_error". $mysqli->connect_error;
}
$id = $_GET['profile_id'];
$result = $mysqli->prepare('SELECT name FROM users WHERE user_id = ?');
$result->bind_param("i", $id);
$result->execute();
$result->bind_result($col1);
$result->fetch();
$is_valid_profile = (!$col1) ? 'Invalid profile' : 'Valid profile';
echo $is_valid_profile;
$result->close();
http://php.net/manual/en/mysqli.prepare.php
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I am getting this error, i am new to programming, kindly please correct if i am wrong. Thank you
<?
$customername = $_REQUEST["customername"];
//$customername = strtoupper($customername);
//$customername = trim($customername);
$address1=$_REQUEST["address1"];
$address2=$_REQUEST["address2"];
$city = $_REQUEST["city"];
$state = $_REQUEST["state"];
$pincode = $_REQUEST["pincode"];
$phonenumber1 = $_REQUEST["phonenumber1"];
$phonenumber2 = $_REQUEST["phonenumber2"];
$emailid1 = $_REQUEST["emailid1"];
$mobilenumber = $_REQUEST["mobilenumber"];
$sql = "insert into master_customer (id,customername,address1,address2,city,state,pincode,phonenumber1,phonenumber2,emailid1,mobilenumber)
values ('','$customername','$address1','$address2','$city','$state','$pincode','$phonenumber1','$phonenumber2','$emailid1','$mobilenumber')";
$exec = mysql_query($sql) or die ("Error in Query".mysql_error());
?>
Just use this single line in place of all your code this will solve your problem.
$sql = mysql_query("insert into master_customer (id,customername,address1,address2,city,state,pincode,phonenumber1,phonenumber2,emailid1,mobilenumber) VALUES('','".$_REQUEST["customername"]."','".$_REQUEST["address1"]."','".$_REQUEST["address2"]."','".$_REQUEST["city"]."','".$_REQUEST["state"]."','".$_REQUEST["pincode"]."','".$_REQUEST["phonenumber1"]."','".$_REQUEST["phonenumber2"]."','".$_REQUEST["emailid1"]."','".$_REQUEST["mobilenumber"]."')");
There is no need of such a lengthy code.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
i can't seem to figure out why this query isn't running
if ( $productName && $productDescription && $productPrice ) {
// SQL
// UPDATE `prostud_tristurion`.`products` SET `product_title` = 'ajax test', `product_description` = 'Was certainty remaining engrossed applauded sir how discovery.', `product_price` = '524' WHERE `products`.`product_id` = 10;
try {
$query = "update products set product_title = :pName, product_description = :pDescription, product_price = :pPrice, where product_id = :pid";
//prepare query for excecution
$stmt = $con->prepare($query);
//bind the parameters
$stmt->bindParam(':pid', $id);
$stmt->bindParam(':pName', $productName);
$stmt->bindParam(':pDescription', $productDescription);
$stmt->bindParam(':pPrice', $productPrice);
// echo "$productPrice / $productDescription / $productName / $id\n $stmt";
var_dump($_POST);
// Execute the query
if ($stmt->execute() ) {
echo "Record was updated.";
} else {
die('Unable to update record.');
}
}catch(PDOException $exception){ //to handle error
echo "Error: " . $exception->getMessage();
}
}
all i get is Unable to update record.
var_dump($_POST);
is looking good
You have an errant comma at product_price = :pPrice, where
If your code reaches the die statement then you have exceptions turned off (not recommended) but you can get the error message from the database (to log or echo) with $stmt->errorInfo()
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
Send message forward along the info. the info that I select in shell or worse than for the bare lies into the database again what I need .. but the problem is such that it appears with this error:
error 1: Commands out of sync; you can't run this command now
PHP/MYSQLI
if($stmt = $this->mysqli->prepare(' SELECT id, idunik, fra, message, datoTime FROM pm WHERE id = ?' ))
{
$stmt->bind_param('i', $id);
$id = $_GET['id'];
$stmt->execute();
$stmt->bind_result($id, $idunik, $fra, $message, $datoTime);
while($stmt->fetch())
{
if ($stm = $this->mysqli->prepare('INSERT INTO pm (idunik, title, fra, til, message, datoTime) VALUES (?, ?, ?, ?, ?, NOW())')) {
$stm->bind_param('issss', $idunik, $title, $fra, $til, $message);
$idunik = $idunik;
$title = $title;
$fra = $_SESSION["id"];
$til = $fra;
$message = $_POST["tekst"];
header('Location: /besked/' . $_SESSION["id"] . '/');
$stm->execute();
$stm->close();
} else {
echo 'error 1: ' . $this->mysqli->error;
}
}
$stmt->close();
}
else
{
echo 'error 2: ' . $mysqli->error;
}
so the problem is such that when carrying it into the database then comes the error.
Unfortunately your question it not perfectly understandable, so I'm just going to give some general info related to the the error you receive (as I presume this is what you want to resolve):
error 1: Commands out of sync; you can't run this command now
Because Mysqli uses unbuffered queries by default on prepared statements, while Mysqli has previous results to be fetched you cannot call another procedure.
To fix this, and avoid the error you are getting, use mysqli_store_result() to get all rows first, then perform the next query.
mysqli_store_result():
http://php.net/manual/en/mysqli.store-result.php
Transfers the result set from the last query on the database
connection represented by the link parameter to be used with the
mysqli_data_seek() function.
And more info on "commands-out-of-sync":
http://dev.mysql.com/doc/refman/5.1/en/commands-out-of-sync.html
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I am new to PDO and am attempting to convert my existing PHP/MYSQL code to meet PDO standards.
The problem i am having is I can connect to the database but no results are being shown and no errors are being displayed.
This is my database:
$db2 = new PDO('mysql:host=localhost;dbname=DATABASENAME;charset=utf8', 'USERNAME', 'PASSWORD');
$db2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db2->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
I am using
include 'db.php';
to include the above database details in my main PHP script.
My main script using the following as a select statement to display the rows which match the criteria:
<?
foreach($db2->query('SELECT view_invoice FROM user_info where username = "$timeapp_username"') as $inrow) {
$inrow['view_invoice']; //etc...
}
?>
On running this I get no errors but no results displayed. I cannot spot what I am doing wrong. Can anyone advise what I am doing wrong here?
The query function is unsafe and should be used only for queries that will not return data, like UPDATE, DELETE, INSERT...
To make safe and working SELECT queries, prepare your query with the PDOStatement. See:
//Example querystring
$id = $_GET['id'];
try{
//Instantiate PDO
$pdo = new PDO('dsn', 'user', 'password');
//Create the statement
$statement = $pdo->prepare("SELECT * FROM `my_table` WHERE `id`=:id");
//Now you can bind values to the statement. This will automatically escape the values
//Defines the type of the value that you'll bind (optional)
$data_type = (is_numeric($id)) ? PDO::PARAM_INT : PDO::PARAM_STR;
//Replace the :id in the query by the value retrieved from the querystring
$statement->bindValue(':id', $id, $data_type);
//Now, let's execute our statement
$statement->execute();
//If the query has returned any rows, we can iterate over it
if ($statement->rowCount() > 0)
{
foreach ($statement->fetchAll() as $result)
{
//Now you can retrieve the values using the defined fetch method.
//Example with associative fetch mode:
echo 'My name is '.$result['name']."!";
echo '<br />';
}
}
else
{
//No results found
}
} catch (PDOException $pe){
die("An error has occurred: ".$pe->getMessage());
}