class MyClass {
private $db;
// Constructor
function __construct() {
$this->db = new mysqli('localhost', 'root', 'root', 'Test_db');
$this->db->autocommit(FALSE);
}
// Destructor
function __destruct() {
$this->db->close();
}
// Main method
function MyFun() {
// Check for required parameters
if (isset($_POST["name"]) && isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["email"])) {
echo "Before \n";
$name = $_POST["name"];
$username = $_POST["username"];
$password = $_POST["password"];
$email = $_POST["email"];
$activation = 0;
echo "After \n";
// tracking
$stmt = $this->db->prepare("INSERT INTO users (name, username, password, email,activation) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("is", $name, $username, $password, $email, $activation); //Line 95
$stmt->execute();
$stmt->close();
}
Output:
Before
After
Invalid request
MAMP Console:
[15-Apr-2011 15:09:10] PHP Warning: mysqli_stmt::bind_param() [<a href='function.mysqli-stmt-bind-param'>function.mysqli-stmt-bind-param</a>]: Number of elements in type definition string doesn't match number of bind variables in /Applications/MAMP/htdocs/Test/reg.php on line 95
The number is the same but I don't know why this error appears
$stmt->bind_param("is", $name, $username, $password, $email, $activation);
Your "definition" string ("is") contains only two definitions, integer and string ... you should have 5 in there.
$stmt->bind_param("sssss", $name, $username, $password, $email, $activation);
... for example ...
You are only having five ? placeholders in your query, yet you're trying to bing six values to the query.
$stmt->bind_param("is", $name, $username, $password, $email, $activation);
"is"
$name
$username
$password
$email
$activation
The format you are giving does only contain 2 definition, yet it must contain 5 to match your query. Try "sssss".
The "is" is the sixth variable, I suggest you remove this or add the field name in the statement:
$stmt->bind_param("is", $name, $username, $password, $email, $activation);
Either remove from bind_param:
$stmt = $this->db->prepare("INSERT INTO users (name, username, password, email,activation) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param($name, $username, $password, $email, $activation);
or add to field names:
$stmt = $this->db->prepare("INSERT INTO users (**is**, name, username, password, email,activation) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("**is**", $name, $username, $password, $email, $activation);
or
$stmt = $this->db->prepare("INSERT INTO users (name, username, password,
email,activation) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("issss", $name, $username, $password, $email, $activation);
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
<?php
error_reporting(E_ALL);
$username = $_POST['username'];
$email_id = $_POST['email_id'];
$phone_no = $_POST['phone_no'];
$gender = $_POST['gender'];
$country = $_POST['country'];
$courses = $_POST['courses'];
//i am checking here values***
if (!empty($username) || !empty($email_id) || !empty($phone_no) || !empty($gender) || !empty($country) || !empty($courses)) {
//db connectiion***
$host = "localhost";
$dbUsername = "root";
$dbPassword = "";
$dbname = "registartionform";
//create connection
$conn = new mysqli($host, $dbUsername, $dbPassword, $dbname);
if (mysqli_connect_error()) {
die('Connect Error('. mysqli_connect_errno().')'. mysqli_connect_error());
} else {
//check email already exists or not and insert the value in db***
$SELECT = "SELECT email_id From registration Where email_id = ? Limit 1";
$INSERT = "INSERT Into registration (username, email_id, phone_no, gender, country, courses) values($username, $email_id, $phone_no, $gender, $country, $courses)";
//Prepare statement
$stmt = $conn->prepare($SELECT);
if ($stmt !== false) {
$stmt->bind_param("s", $email_id);
$stmt->execute();
$stmt->bind_result($email_id);
$stmt->store_result();
$rnum = $stmt->num_rows;
}
if ($rnum == 0) {
$stmt->close();
$stmt = $conn->prepare($INSERT);
$stmt->bind_param("ss", $username, $email_id, $phone_no, $gender, $country, $courses);
if ($stmt !== false) {
$stmt->execute();
echo "New record inserted sucessfully";
} else {
echo "Someone already register using this email";
}
}
$stmt->close();
$conn->close();
}
} else {
echo "All field are required";
die();
}
You can't do this
INSERT Into registration (username, email_id, phone_no, gender, country, courses)
values($username, $email_id, $phone_no, $gender, $country, $courses)
and then try to bind variables
$stmt->bind_param("ss", $username, $email_id, $phone_no, $gender, $country, $courses );
You should use placeholders in your SQL query. Try with:
INSERT Into registration (username, email_id, phone_no, gender, country, courses)
values(?, ?, ?, ?, ?, ?)
Values will be provided in bind_param variables.
Also you have 7 variables in bind_param and only 6 columns in your INSERT statement. You need to mach that or SQL wont know where to put data.
I developed php simple page to register users and check if the user exists or not but it is not working and displays the fallowing error :
Fatal error: Call to a member function execute() on boolean in /Applications/XAMPP/xamppfiles/htdocs/one/include/DbOperation.php on line 31
and php code here please help us for this issue
<?php
class DbOperation
{
private $conn;
enter code here
//Constructor
function __construct()
{
require_once('Constants.php');
require_once('DbConnect.php');
// opening db connection
$db = new DbConnect();
$this->conn = $db->connect();
}
//Function to create a new user
public function createUser($username, $pass, $email, $name, $phone)
{
if (!$this->isUserExist($username, $email, $phone)) {
$password = md5($pass);
$stmt = $this->conn->prepare("INSERT INTO users (username, password, email, name, phone) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("sssss", $username, $password, $email, $name, $phone);
if ($stmt->execute()) {
return USER_CREATED;
} else {
return USER_NOT_CREATED;
}
} else {
return USER_ALREADY_EXIST;
}
}
private function isUserExist($username, $email, $phone)
{
$stmt = $this->conn->prepare("SELECT id FROM users WHERE username = ? OR email = ? OR phone = ?");
//if($query = $this->db->conn->prepare($sql)){
$stmt->bind_param(array("sss", $username, $email, $phone));
$stmt->execute();
$stmt->store_result();
$stmt->fetch();
$stmt->close();
return $stmt->num_rows > 0;
}
}
?>
In your isUserExist() function it looks like your bind_param has an array which shouldn't be there:
$stmt->bind_param(array("sss", $username, $email, $phone));
should be:
$stmt->bind_param("sss", $username, $email, $phone);
This is most likely why mysqli->bind_param is returning FALSE
change your isUserExist as below:
private function isUserExist($username, $email, $phone)
{
$stmt = $this->conn->prepare("SELECT id FROM users WHERE username = ? OR email = ? OR phone = ?");
//if($query = $this->db->conn->prepare($sql)){
$stmt->bind_param("sss", $username, $email, $phone); // change here remove array
$stmt->execute();
$stmt->store_result();
$stmt->fetch();
//$stmt->close(); // change this comment or remove this
return $stmt->num_rows > 0;
}
use this in isUserExist() function
$stmt->bind_param("sss", $username, $email, $phone);
I have researched it a lot online and spent a lot of time trying to fix this problem.
My code
function createNewAccount() {
global $response;
global $conn;
// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);
// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john#example.com";
$stmt->execute();
}
the error I get is
Warning: mysqli::prepare(): Couldn't fetch mysqli in
C:\xampp\htdocs\authentication\register.php on line 105
Fatal error: Uncaught Error: Call to a member function bind_param() on
null in C:\xampp\htdocs\authentication\register.php:106 Stack trace:
#0 C:\xampp\htdocs\authentication\register.php(139): createNewAccount() #1 {main} thrown in
C:\xampp\htdocs\authentication\register.php on line 106
I cant seem to find any solution. Any help is highly appreciated.
PHP Variables need to be set before using them:
function createNewAccount() {
global $response; // If you dont need this remove it
global $conn;
// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john#example.com";
// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);
$stmt->execute();
}
I am trying to insert some values to my database using PDO but it just says "No database selected".
$host = "localhost";
$dbname = "aura";
$user = "root";
$pass = "somepassword";
try {
$DB = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
$DB->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$DB->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo $e->getMessage();
}
$SignUp = $DB->prepare("INSERT INTO `users` (`username`, `password`, `name`, `email`, `rank`, `lvl`, `xp`, `money`, `age`, `reg_ip`, `last_ip`, `created`, `last_online`, `last_action`, `online`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ");
$SignUp->bindValue(1, $username);
$SignUp->bindValue(2, $password);
$SignUp->bindValue(3, $name);
$SignUp->bindValue(4, $email);
$SignUp->bindValue(5, '1');
$SignUp->bindValue(6, '1');
$SignUp->bindValue(7, '1');
$SignUp->bindValue(8, '100');
$SignUp->bindValue(9, NULL);
$SignUp->bindValue(10, $ip);
$SignUp->bindValue(11, $ip);
$SignUp->bindValue(12, $time);
$SignUp->bindValue(13, $time);
$SignUp->bindValue(14, $time);
$SignUp->bindValue(15, $online);
try{
$SignUp->execute();
} catch(PDOException $e){
die($e->getMessage());
}
I do not know why I get this error because I have connected successfully to the database and as you can see I have specified a database.
It looks ok, but you may have issues with the first try catch and your not killing and possible confusing the insert with the errors from the first.
Also wrap the whole statements in the try catch blocks also using $e->__toString() its going to give you a full stack trace, often that makes it easyier to trace where the error is.
Try this, I couldn't tell you if the following changes will fix the issue but might make it more clearer.
<?php
$host = "127.0.0.1";
$dbname = "aura";
$user = "root";
$pass = "somepassword";
try {
$DB = new PDO('mysql:host='.$host.';dbname='.$dbname, $user, $pass, array(
PDO::ATTR_EMULATE_PREPARES => false,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")
);
} catch(PDOException $e) {
die('<pre>'.$e->__toString().'</pre>');
}
try{
$SignUp = $DB->prepare("
INSERT INTO `users` (`username`, `password`,
`name`, `email`, `rank`,
`lvl`, `xp`, `money`,
`age`, `reg_ip`, `last_ip`,
`created`, `last_online`,
`last_action`, `online`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ");
$SignUp->bindValue(1, $username);
$SignUp->bindValue(2, $password);
$SignUp->bindValue(3, $name);
$SignUp->bindValue(4, $email);
$SignUp->bindValue(5, '1');
$SignUp->bindValue(6, '1');
$SignUp->bindValue(7, '1');
$SignUp->bindValue(8, '100');
$SignUp->bindValue(9, NULL);
$SignUp->bindValue(10, $ip);
$SignUp->bindValue(11, $ip);
$SignUp->bindValue(12, $time);
$SignUp->bindValue(13, $time);
$SignUp->bindValue(14, $time);
$SignUp->bindValue(15, $online);
$SignUp->execute();
} catch(PDOException $e){
die('<pre>'.$e->__toString().'</pre>');
}
?>
I have got the following registration code, it SEEMS to be working but it isn't actually inserting the entered information into my table. It all runs with no errors showing up, and the "echo 'end';" is displaying.
Edit, updated code:
Now get this error
Warning: mysqli_stmt::bind_param(): Number of elements in type
definition string doesn't match number of bind variables in
C:\xampp\htdocs\ppa\test.php on line 19
Which is this line:
$insert_stmt->bind_param($email, $password, $random_salt, $user);
PHP:
<?php
include "includes/db_connect.php";
if (isset($_POST['email'], $_POST['p'])) {
$email = $_POST['email'];
//Default user perms
$perms = "user";
$password = hash('sha512', $_POST['p']); //Need to add JavaScript to hash password before it gets here
//Create random salt
$random_salt = hash('sha512', uniqid(mt_rand(1, getrandmax()), true));
//Create salted password
$password = hash('sha512', $password.$random_salt);
//Add insert to database script
//Use prepared statements!
if ($insert_stmt = $mysqli->prepare("INSERT INTO users (email, password, salt, perms) VALUES (?, ?, ?, ?)")) {
$insert_stmt->bind_param($email, $password, $random_salt, $perms);
$insert_stmt->execute();
}
echo "Email: ".$email."<br />";
echo "Password: ".$password."<br />";
echo "Random Salt: ".$random_salt."<br />";
echo "Permissions: ".$perms."<br />";
}
?>
This is my db_connect.php page
<?php
define("HOST", 'localhost');
define("USER", 'ppa_user');
define("PASSWORD", 'password');
define("DATABASE", 'ppa');
$mysqli = new mysqli(HOST, USER, PASSWORD, DATABASE);
if ($mysqli->connect_errno) {
//No database found, redirect to setup
$url = "http://".$_SERVER['HTTP_HOST'].'/ppa/setup.php';
header('Location: '.$url);
}
?>
In order to close this question as being answered, have come to the conclusion the OP needed to use the following code:
$insert_stmt->bind_param("ssss", $email, $password, $random_salt, $perms);
Replace the following:
//Add insert to database script
//Use prepared statements!
if ($insert_stmt = $mysqli->prepare("INSERT INTO users (email, password, salt, perms) VALUES (?, ?, ?, ?)"));
$insert_stmt->bind_param('ssss', $_POST['email'], $password, $random_salt, $user);
//Execute the prepared query
$insert_stmt->execute();
echo "end";
with:
//Add insert to database script
//Use prepared statements!
if ($insert_stmt = $mysqli->prepare("INSERT INTO users (email, password, salt, perms) VALUES (?, ?, ?, ?)")) {
$insert_stmt->bind_param($_POST['email'], $password, $random_salt, $user);
$insert_stmt->execute();
echo "end";
}
check this
if ($insert_stmt = $mysqli->prepare("INSERT INTO users (email, password, salt, perms) VALUES (?, ?, ?, ?)"));
$insert_stmt->execute(array($_POST['email'], $password, $random_salt, $user));