Function returns boolean not string - php

What I want is to return MYSQL query in a array however my code returns a bool(true).
Here is the code from code.php
require('model.php');
$id = $_POST['id'];
$password = $_POST['password'];
$user = new user();
$row = $user->check_user($id, $password);
var_dump($row);
Here is the code from model.php
class config {
public $dbhost = "localhost";
public $dbuser = "root";
public $dbpass = "";
public $dbused = "dbname";
function dbconn() {
$conn = mysqli_connect($this->dbhost,$this->dbuser,$this->dbpass,$this->dbused);
if(mysqli_connect_errno()) {
printf("Connection failed: " . mysqli_connect_error());
exit();
}
return $conn;
}
}
class user {
function check_user($id, $pass) {
$config = new config();
$conn = $config->dbconn();
$query = $conn->prepare("SELECT id, password, status FROM e_users WHERE id = ? AND password = ?");
$query->bind_param('is', $id, $pass);
try {
$query->execute();
return $query->fetch();
} catch(PDOException $e) {
die($e->getMessage());
}
}
}
I think the problem is in the $query->fetch(); because I tried return 'test'; and it works fine. Even return an array works fine.
Can anyone help me?

As The Blue Dog pointed out, fetch() returns a status flag, not the row itself. But fetch_assoc() will return a row.
Have a look here:
http://php.net/manual/en/mysqli-stmt.fetch.php
If you work with fetch, you need to bind the variables:
$stmt->bind_result($mySelectedValue_1, $mySelectedValue_2);
Here are examples with fetch_assoc():
http://php.net/manual/de/mysqli.quickstart.prepared-statements.php
So this should work fine:
$row = $res->fetch_assoc();

Related

Issue with mysqli in PHP Warning: mysqli_stmt_prepare() expects parameter 1

I have been looking at this code for a while and can't figure out where the problem is.
I am new to coding in general, but especially new to CRUD and SQL. I want to create a prepared statement here to use variables instead of exact values. I don't understand where the issue comes from
I have a Databasetools.php
<?php
class DatabaseTools
{
//private $user = $_SESSION['userId']; // these get called when the object gets created
//private $userEmail = $_SESSION['emailUser'];
public function __construct($Name)
{
$servername = "localhost";
$dBUsername = "root";
$dBPassword = "supersecretpassword";
$dbPort = "3306";
$this->name = $Name;
$conn = mysqli_connect($servername, $dBUsername, $dBPassword, $this->name, $dbPort);
$stmt = mysqli_stmt_init($conn);
if(!$conn)
{
die("connection faild: ".mysqli_connect_error());
}
}
public function lookup($dBName, $Row, $Column)
{
//$sql = "SELECT ".$Column." FROM ".$dBName." WHERE ".$Row.";";
$sql = "SELECT ? FROM ? WHERE ?;";
if(!mysqli_stmt_prepare($stmt, $sql))
{
echo "False";
}
else
{
mysqli_stmt_bind_param($stmt, "sss", $column, $dBName, $Row);
mysqli_stmt_execute($stmt);
$result = mysli_stmt_get_result($stmt);
echo $result;
}
// try to connect to the database
}
public function setCell($Database, $Row, $Column)
{
}
public function disconnect($dBName)
{
}
public function echotest()
{
}
}
?>
And I am using a page to check if the code is working
<?php
require "Model/php/databaseTools.php";
$loginData = new databaseTools("loginsystem");
$loginData->lookup("loginsystem","*","*");
?>
Thanks so much if you could point me in the write direction.
Are you sure you have $stmt value in the lookup function?
Try to add it as one of the parameters, something like this:
public function lookup($dBName, $stmt, $Row, $Column)
and then call it also with $stmt parameter:
$loginData->lookup("loginsystem", <stmt> ,"*","*");

PDO lastInsertId returns 0

I keep getting 0 in PDO lastInsertId. Here are my codes:
public static function createNewUser($email){
$password = self::rand_string(6);
$username = explode("#", $email);
$username = $username[0];
$passwordhashed = password_hash($password. self::salt(), PASSWORD_DEFAULT);
$register = self::connect()->prepare("INSERT INTO `user`(email,username,password,password_salt,type)VALUES(?,?,?,?,?)");
$register->execute(array($email,$username,$passwordhashed,$password,'customer'));
$user_id = self::pdolastid();
if($register){
return $user_id;
}
else{
return false;
}
}
and the last insert id function is:
public static function pdolastid(){
$last = self::connect()->lastInsertId();
return $last;
}
I have tried both with the pdolastid function and with self::connect()->lastInsertId().
The connect function is:
public static function connect(){
$servername = "localhost";
$username = "root";
$password = "";
try {
$conn = new \PDO("mysql:host=$servername;dbname=pw;port=3306;charset=utf8", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
return $conn;
}
catch(PDOException $e)
{
$con_error = "Connection failed: " . $e->getMessage();
return $con_error;
}
}
The database has id as the primary key and is auto-increment
Someone please help

Prepared statement database connection must be instansiated first?

The parts in bold are what I am questioning. Inside the search_for_new_user function, if I change $conn->prepare to $this->db_connection()->prepare. I receive a lost connection error. However in the function right above it db_conn_test I can use this syntax. In both cases I am returning the $connection so I don't understand why there must be a difference in syntax.
class Database {
function db_connection() {
$server = "localhost";
$user = "user";
$password = "password";
$database = "database";
return $connection = new mysqli($server, $user, $password, $database);
}
function db_conn_test() {
if (**$this->db_connection()->connect_errno**) {
die($this->db_connection()->connect_errno . ": " . $this->db_connection()->connect_error);
} else {
echo "connected to mysql database";
}
}
function search_for_new_user($email) {
**$conn = $this->db_connection();**
if ($stmt = **$conn->prepare**("SELECT email FROM users where email = ?")) {
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($result);
$stmt->fetch();
echo $result;
$stmt->close();
$conn->close();
}
}
}
In db_conn_test you call db_connection twice only if you got connection error during first db_connection call, so in this case connection to DB is not created.
But in search_for_new_user you create connection twice.
I.e.:
in db_conn_test:
// if connection not created, because you got error
if ($this->db_connection()->connect_errno) {
// therefore each time you call db_connection(),
// you again try create connection, and got same error
// and return it in die text
die($this->db_connection()->connect_errno . ": " . $this->db_connection()->connect_error);
} else {
echo "connected to mysql database";
}
but in search_for_new_user: you call db_connection() and create connection(if all is ok). And then if you call db_connection in second try, first connection is gone away and you got error.
Your class should looks like this:
class Database {
protected $connection;
function db_connection() {
if ($this->connection !== null) {
return $this->connection;
}
$server = "localhost";
$user = "user";
$password = "password";
$database = "database";
return $this->connection = new mysqli($server, $user, $password, $database);
}
}

Check user credentials PHP MySQL

Im trying to create a user management section on my website that allows users to login.
So far I have the following PDO Conenction class...
<?php
class connection{
private $host = 'localhost';
private $dbname = 'dbname';
private $username = 'liam#';
private $password ='Password';
public $con = '';
function __construct(){
$this->connect();
}
function connect(){
try{
$this->con = new PDO("mysql:host=$this->host;dbname=$this->dbname",$this->username, $this->password);
$this->con->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
}catch(PDOException $e){
echo 'We\'re sorry but there was an error while trying to connect to the database';
file_put_contents('connection.errors.txt', $e->getMessage().PHP_EOL,FILE_APPEND);
}
}
}
?>
My check-login.php looks like...
<?php
include 'assets/connection.class.php';
$username=$_POST['username'];
$password=$_POST['password'];
function login(PDO $db, $username, $password) {
$user_id = user_id_from_username($db, $username);
$password = md5($password);
$stmt = $db->prepare('SELECT COUNT(`user_id`) FROM `users` WHERE `username` = ? AND `password` = ?');
$stmt->bindParam(1, $username);
$stmt->bindParam(2, $password);
$stmt->execute();
if($stmt->fetchColumn() > 0) {
return $user_id;
} else {
return false;
echo 'failed';
}
}
?>
my problem is that im not given any result from check-login.php? Im not a php programmer so apologies if this seems vague, any help will be appreciated
It could be a problem with
$user_id = user_id_from_username($db, $username);
Since we don't know what that function (user_id_from_username) is doing, it might be that the
return $user_id;
is just returning NULL or an empty string.

"Undefined Variable" notice

Im new to php so im sure this is an easy one. Im getting this error
Notice: Undefined variable: conn in C:\Dev\Webserver\Apache2.2\htdocs\EclipsePHP\thecock\php\db.php on line 23
for this code
<?php
$host = "localhost"; $database = "dbname"; $username = "user"; $password = "pass";
$conn = new mysqli($host, $username, $password, $database);
if (! $conn) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}else{
echo("all ok!");
}
function getContent($id) {
$sql = "SELECT content FROM blocktext WHERE id=$id";
if ($rs = $conn->query($sql)) { # line 23
if ($row = $rs->fetch_assoc()) {
echo stripslashes($row['content']);
}
$rs->close();
}
}
?>
How do I fix the notice?
Change your function to:
function getContent($id, $conn) {
$sql = "SELECT content FROM blocktext WHERE id=$id";
if ($rs = $conn->query($sql)) {
if ($row = $rs->fetch_assoc()) {
echo stripslashes($row['content']);
}
$rs->close();
}
}
You don't declare the "original" $conn in the scope of the function. Inside the function you only have access to variables declared inside the function or provided via parameters.
Another way would be to declare the variable as global in your function:
function getContent($id) {
global $conn;
$sql = "SELECT content FROM blocktext WHERE id=$id";
if ($rs = $conn->query($sql)) {
if ($row = $rs->fetch_assoc()) {
echo stripslashes($row['content']);
}
$rs->close();
}
}
But you should only do this, if there is no other way. Globals make it hard to debug and maintain the code.
See also Variable scope and why global variables are bad.
Edit:
Yes e.g. you can have a DB class:
class DB {
private static $conn = null;
public static function getConnection() {
if (is_null(DB::$conn)) {
$host = "localhost"; $database = "dbname"; $username = "user"; $password = "pass";
DB::$conn = new mysqli($host, $username, $password, $database);
}
return DB::$conn;
}
}
Of course this is not the best implementation ;) But it should give you the right idea. Then you can get the the connection:
DB::getConnection()
conn is a global variable. To access it within a function:
function getContent($id) {
global $conn;
...
}
Otherwise the function can't see it.

Categories