Mysqli Prepare statement not working - php

I am getting the following error when attempting to execute a prepared statement using MySQLi.
Any help to determine what I am doing incorrectly would be GREATLY appreciated.
Fatal error: Call to a member function prepare() on a non-object in etc.
I am connecting properly using this statement:
<?php
$DBHost = "localhost";
$DBUser = "xxxxxx";
$DBPass = "xxxxxx";
$DBName = "creati38_chicos";
$dbconn = new mysqli($DBHost, $DBUser, $DBPass, $DBName);
// check connection
if ($dbconn->connect_error) {
//echo $dbconn->connect_error;
die('Sorry, we are having some problems right now. Please check back later.');
}
else{
echo "You have connected Successfully";
}
?>
I am then using this statement:
<?php
if ((isset($_POST["update"])) && ($_POST["update"] == "Update Appliance")) {
$stmt = $mysqli->prepare("UPDATE appliances SET
category = ?,
make = ?,
model = ?,
description = ?,
price = ?
WHERE id = ?");
$stmt->bind_param('ssssdi',
$_POST['category'],
$_POST['make'],
$_POST['model'],
$_POST['description'],
$_POST['price'],
$_POST['id']);
$stmt->execute();
$stmt->close();
}
?>

it's not $mysqli->prepare( in your case it is $dbconn->prepare(

You are doing
$dbconn = new mysqli($DBHost, $DBUser, $DBPass, $DBName);
and using as
$mysqli->prepare()
make both same

Use $dbconn instead of $mysqli
$stmt = $dbconn->prepare("UPDATE appliances SET
category = ?,
make = ?,
model = ?,
description = ?,
price = ?
WHERE id = ?");
$stmt->bind_param('ssssdi',
$_POST['category'],
$_POST['make'],
$_POST['model'],
$_POST['description'],
$_POST['price'],
$_POST['id']);
$stmt->execute();
$stmt->close();
}
?>

Related

PHP query wont insert to database

The below query wont insert to database, I had tried this query on my database so I am quite sure that the query is working. I also added the dbcon.php below.
<?php
require '../api/dbcon.php';
$stmt=$conn->prepare("INSERT INTO joborder (AirCondition,
CarpentryMasonry,
ElectricalWorks,
Plumbing,
Welding,
Campus,
priorityId,
RequestorName,
UserJobDescription,
SerialCode
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)" );
$stmt->bind_param('ssssssssss',
$airConditioning,
$masonryCarpentry,
$electrical,
$plumbing,
$welding,
$campus,
$priority,
$requester,
$userJobDescription,
$serialCode);
$airConditioning = "check";
$masonryCarpentry = "check";
$electrical = "check";
$plumbing = "check";
$welding = "check";
$campus = 'NA';
$priority = '1';
$requester = "m";
$userJobDescription ="test";
//create serial code
$serialCode= "na12321";
?>
dbcon.php
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$dbtable = "table";
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbtable);
if(!$conn ){
die('Could not connect: ' . mysqli_error());
}
?>
you're using a bad error reporting mode, and thus need to meticulously check for errors everywhere, but you're not.
on not-dbcon.php on line 4 you're not checking that $conn->prepare succeeded, do that, it returns bool(false) if there was an error. on line 16 you're not checking that $stmt->bind_param succeeded, do that, it returns bool(false) if there was an error. or better yet, don't do that, just convert return-value-error-reporting into exception-error-reporting, by running $conn->report_mode = MYSQLI_REPORT_ALL; immediately after creating the object.
... and most importantly, seems you forgot to run $stmt->execute(), which actually executes the query, which obviously explains why you're not inserting anything.
<?php
$servername = "localhost";
$username = "root";
$password = "123456";
$database = "inventory";
// Create connection
$conn = new mysqli($servername, $username, $password, $database);
$stat = $conn->prepare("INSERT INTO salary (name, salary, job) values (?, ?, ?)");
$name = 'test';
$salary = '21123';
$job = 'demo';
$stat->bind_param($name,$salary, $job );
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// prepare and bind
$stmt = $conn->prepare("INSERT INTO salary (name, salary, job) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);
// set parameters and execute
$firstname = "Johnqqq";
$lastname = "123123";
$email = "sdadsad";
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
?>

mysqli_stmt_execute() expects exactly 1 parameter, 0 given

I am trying to save data from an HTML form into database wordpress table: wp_testdb using Prepared Statements method, But I am getting error against line mysqli_stmt_execute();
Warning: mysqli_stmt_execute() expects exactly 1 parameter, 0 given in
Here is my code:
if(isset($_POST['BtnSubmit'])){
include_once 'dbConnection.php';
if($conn -> connect_error) {
die("connection failed:".$conn-> connect_error);
}
$date = $_POST['date'];
$select_bank = $_POST['select_bank'];
$entry_type = $_POST['entry_type'];
$income_cat = $_POST['income_cat'];
$amount = $_POST['amount'];
$sql = "INSERT INTO wp_testdb (data_one, data_two, data_three, data_four, data_five) VALUES (?, ?, ?, ?, ?);";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt,$sql)) {
echo "SQL Error !!";
} else {
mysqli_stmt_bind_param($stmt, "sssss", $date, $select_bank, $entry_type, $income_cat, $amount);
mysqli_stmt_execute();
}
}
dbConnection.php has below data:
<?php
$dbServername = "localhost";
$dbUsername = "root";
$dbPassword = "";
$dbName = "wordpress";
$conn= mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
Any suggestions to resolve this?
I will recommend using the object oriented interface instead of the procedural. Both will work - however, all the procedural functions require the connection or statement object to be the first parameter.
As per the documentation, you need to pass the statement-object, in your case $stmt, as a parameter.
mysqli_stmt_execute($stmt);
This function returns a boolean, which you can check if the query was successful or not.
if (!mysqli_stmt_prepare($stmt,$sql)) {
echo "SQL Error !!";
error_log(mysqli_error($conn));
} else {
mysqli_stmt_bind_param($stmt, "sssss", $date, $select_bank, $entry_type, $income_cat, $amount);
if (mysqli_stmt_execute($stmt)) {
// Query succeeded!
// Do something
} else {
// Query failed. Log it, and do something?
error_log(mysqli_stmt_error($stmt));
}
}

insert a foreign key using prepared statement

i want to insert with foreign key resident_id using prepared statement in table_complaints.
here is my picture of :
also i get the $ides = $_POST["resident_id"]; in view page
$servername = "localhost";
$username = "root";
$password = "";
$database = "myDb";
$conn = mysqli_connect($servername, $username, $password, $database);
if(!$conn){
die("Connection Failed: " . mysqli_connect_error());
}
if(isset($_POST["submits"])){
$comp_text = $_POST["comp"];
$complaints = $_POST["complaints"];
$ides =$_POST["resident_id"];
$statementi = mysqli_stmt_init($conn);
mysqli_stmt_prepare($statementi, "INSERT INTO table_complaint (nature_of_complaints, status)
VALUES (?, ?) WHERE resident_id = ?");
mysqli_stmt_bind_param($statementi, "ssi", $comp_text, $complaints);
mysqli_stmt_execute($statementi);
mysqli_stmt_close($statementi);
}
mysqli_close($conn);
Your insert query is incorrect.
You can use this:
INSERT INTO table_complaint (resident_id,nature_of_complaints, status) VALUES (?,?,?)
and then bind the parameters:
mysqli_stmt_bind_param($statementi, "iss", $ides,$comp_text, $complaints);

Insert Query into Online MySQL database not working

I am trying to insert data into an online MySql database,I used this query a few months ago now it doesn't seem to work,
My Form:
$name = "Hilary";
$number = "768";
$orderss = "Rice x1";
$location = "Chilenje";
$con= mysqli_connect($host,$user,$pass,$db);
$query= "insert into orders values('".$name."','".$number."','".$orderss."','".$location."');";
$result= mysqli_query($con,$query);
if(!$result)
{
$response = array();
$code= "reg_false";
$message="Error Placing Order...";
array_push($response,array("code"=>$code,"message"=>$message));
echo json_encode(array("server_response"=>$response));
}
else
{
$response = array();
$code= "reg_true";
$message="Order Successful,Please wait for our call...";
array_push($response,array("code"=>$code,"message"=>$message));
echo json_encode(array("server_response"=>$response));
}
mysqli_close($con);
?>
When i run this form i get the "Error placing orders" part of server response and values are not inserted.Please help me
Make your $query very simple like this if you're inserting into all columns of your table
$stmt = $conn->prepare("INSERT INTO orders VALUES (?, ?, ?, ?)");
$stmt->bind_param("siss", $name, $number, $orderss, $location);
or if you're inserting into specific columns you can use this by replacing column_name* with your actual column names
$stmt = $conn->prepare("INSERT INTO orders (column_name1, column_name2, column_name3, column_name4) VALUES (?, ?, ?, ?)");
$stmt->bind_param("siss", $name, $number, $orderss, $location);
or I also modified your current code so you can test at your end one more thing "siss" are arguments which are of 4 different types i - integer, d - double, s - string, b - BLOB
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$name = "Hilary";
$number = "768";
$orderss = "Rice x1";
$location = "Chilenje";
// Create connection
$con = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
// prepare and bind
$stmt = $conn->prepare("INSERT INTO orders VALUES (?, ?, ?, ?)");
$stmt->bind_param("siss", $name, $number, $orderss, $location);
if($stmt->execute()) {
$stmt->execute();
$response = array();
$code= "reg_true";
$message="Order Successful,Please wait for our call...";
array_push($response,array("code"=>$code,"message"=>$message));
echo json_encode(array("server_response"=>$response));
} else {
$response = array();
$code= "reg_false";
$message="Error Placing Order...";
array_push($response,array("code"=>$code,"message"=>$message));
echo json_encode(array("server_response"=>$response));
}
$stmt->close();
$con->close();
?>

Prepared statement giving error

What am I missing?
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$name = 'Samuel "L" Jackson';
$conn = new mysqli($servername, $username, $password, $dbname);
$stmt = $conn->prepare("INSERT INTO test2 (id, name) VALUES (?,
?)");
$stmt->bind_param("is",'600' , $name);
$stmt->execute();
$stmt->close();
$conn->close();
?>
I'm getting the following error:
Cannot pass parameter 2 by reference in C.... on line ...
bind_param accepts two or more arguments. The first must be a string identifying the data types for the SQL parameters. The rest of the arguments must be variables that can be passed by reference. '600' is a constant, so you cannot pass it by reference.
Just use a temporary variable to work around that limitation, like this:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$id = 600;
$name = 'Samuel "L" Jackson';
$conn = new mysqli($servername, $username, $password, $dbname);
$stmt = $conn->prepare("INSERT INTO test2 (id, name) VALUES (?, ?)");
$stmt->bind_param("is", $id, $name);
$stmt->execute();
$stmt->close();
$conn->close();
?>

Categories