|
PHP - Function Prepare() On Null Mixing Object And Procedural
Hi All, I have the following code which works fine:
$mysqli = new mysqli("server", "user", "pass", "database");
if($mysqli->connect_error) {
exit('Could not connect');
}
$sql = "SELECT customer_contactname, customer_companyname, customer_phonenumber, customer_emailaddress, customer_address1, customer_address2, customer_city, customer_postcode
FROM ssm_customer WHERE customer_id = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s", $_GET['q']);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($ccontname, $ccompname, $cphoneno, $cemail, $cad1, $cad2, $ccity, $cpost);
$stmt->fetch();
$stmt->close();
however, when i use my dbconn.php as an include rather than the top section of this code, i get the following error: function prepare() on null The error references the following $stmt = $mysqli->prepare($sql); In my database connection file, i am using the following: $conn = mysqli_connect($db_servername, $db_username, $db_password, $db_name); This seems to be the issue and i believe i am mixing procedural and object based but not sure why there should be a difference here? when i used my database connection file, i do change $mysqli->prepare to $conn->prepare Kind Regards Edited February 4, 2019 by AdamhumbugSimilar TutorialsExcerpts of code:
function addUser() {
$username = $_POST['username'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$bio = $_POST['bio'];
$email = $_POST['email'];
$c_status = 0;
//$avatar =
//$username_query = $pdo->prepare("SELECT * from profiles001 WHERE username=':username'");
//$username_query->bindValue(':username', $username);
//$username_query->execute();
$query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio) VALUES (:username, :password, :email, :cstat, :bio)");
$query->bindValue(':username', $username);
$query->bindValue(':password', $password);
$query->bindValue(':email', $email);
$query->bindValue(':cstat', $c_status);
$query->bindValue(':bio', $bio);
$query->execute();
setAvatar();
}
function setAvatar() {
// check if avatar is set, if not give default avatar
if (isset($file) && $fileError === UPLOAD_ERR_OK) {
$file = $_FILES['userfile'];
$fileName = $file['name'];
$fileTmpName = $file['tmp_name'];
$fileSize = $file['size'];
$fileError = $file['error'];
$fileType = $file['type'];
$fileExt = explode('.', $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowedExtensions = array('jpg', 'jpeg', 'png');
}
// if user has not assigned avatar, assign the default.
if (empty($file)) {
$avatar = "assets/soap.jpg";
$query = $pdo->prepare("INSERT INTO profiles001 (avatar) VALUES (:avatar)");
$query->bindValue(':avatar', $avatar);
$query->execute();
}
}
addUser();
}
From the database file:
<?php
$host = "localhost";
$database = "soapbox";
$username = "drb";
$password = "m1n3craft";
// Create connection
$pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password);
/*
Print error message and or code to the screen if there is an error.
*/
?>
NOTE: I also require dbcon.php at the top of the confirmation.php file which is NOT included in the excerpt at the top. Making pdo a global variable would probably fix it, but from what I heard globals are frowned upon. Hey, I am coding this forum and the following PDO prepare query calls the topic details. The prepare query works perfectly well, however when I add it into a function within another class and then call it, the script does not seem to work. I get errors like the following: Fatal error: Call to a member function fetch() on a non-object in C:\wamp\www\new\sources\forum\new.php on line 117 The prepare query fails to excute, this is because I do not know how to add it into a function. This is what I tried: Code: [Select] class FUNC { function userDetails($table, $column, $cVaulue, $oBy, $ASDSC) { global $dbh; $sth = $dbh->prepare('SELECT * FROM `'.$table.'` WHERE `'.$column.'` = '.$cVaulue.' ORDER BY `'.$oBy.'` '.$ASDSC.''); $sth->bindParam(':id', $id, PDO::PARAM_INT); $sth->execute(); } } The FUNC class is called as the $load variable, and in my forum class I have decalred it in my global so the variable can be passed: Code: [Select] $id = $forum_data['id']; $load->userDetails('db_topics', 't_forum_id', ':id', 't_whenlast', 'DESC'); $coll=$sth->fetch(PDO::FETCH_ASSOC); $this->html->RightForum($coll); The code is very silly, but the fact is I did not know how to do this.. Please help me put this query into a function because I need to make use of it in many other parts of the forum and I don't want to constantly declare this query. My code; $sql = "SELECT SUM(IF(`submitdate` IS NULL , 1 , 0 )) as 'Survey Started But Not Completed' FROM `survey_$surveyid`"; $statement = $dbh->prepare($sql); $statement->execute(); $result = $statement->fetch(PDO::FETCH_OBJ); //pass that data to an objectIs returning;
stdClass Object
(
[Survey Started But Not Completed] =>
)
I need to set this to a vaule that I can actually print out on the screen... Like a "0" for example. At the moment it is just a NULL. How do I do this?? These don't work; $result = 0; $result = array(['Survey Started But Not Completed'] => "0"); I am using PDO to run query's and get data. How do I check if the PDO query returned a null value. I tried empty but that doesn't work because PDO array will always contain an SQL query. I want to check if the return value of that query is NULL . Help please. Code: [Select] function display_details($name, $department="sales", $sex="male") { return "You are {$name} from {$department} and you are {$sex}"; } I need to use the default value for $department, but none of the below work. How do I do it? echo $display_details("Sally", NULL, "female"); // sets $department as empty/blank echo $display_details("Sally", "", "female"); // sets $department as empty/blank echo $display_details("Sally", , "female"); // PHP error Hi guys, I am trying to implement a Pagination class for a website displaying movies. I need to have the total number of posts, but on accessing the function row_count() from class Connection I get the error: "Fatal error: Uncaught Error: Call to a member function query() on null in ..\connection.php:30 Stack trace: #0 from ...\index.php(20): Connection->row_count() #1 ..." I only found two posts concerning this issue, and they led me to think this might be a scope issue with $db variable; $db is defined in the constructor function of the same Connection class so I thought the scope would be ok; but apparently, not. Can anybody help? This is a real show-stopper just now. Please let me know if you need any further information. Thanks in advance. Sept connection.txt index.txt Been scratching my head about this all day. Cannot figure it out. Any help would be appreciated. Code: [Select] <?php $selectClause = 'SELECT * FROM idInfo WHERE'; $whereClause = ''; function addWhere($fxnName, $fxnValue) { if (!$whereClause) { return $fxnName . '=\'' . $fxnValue . '\''; } else { return ' AND ' . $fxnName . '=\'' . $fxnValue . '\''; } } $whereClause.=addWhere("firstName", $firstName); $whereClause.=addWhere("lastName", $lastName); $whereClause.=addWhere("idNum", $idNum); echo 'mysql_query("' . $selectClause . ' ' . $whereClause . '"); <br /><br />'; ?> This is meant to generate a query of the type: Code: [Select] SELECT * FROM idInfo WHERE firstName='firstNameINPUT' AND lastName='lastNameINPUT' AND idNum='idNumINPUT' For some reason, though, the if statement always reads false. No matter how I try to work the syntax Code: [Select] if (!$whereClause) if ($whereClause) if ($whereClause == NULL) if ($whereClause != NULL) if (empty($whereClause) etc. I've tried all of those and more, experimenting with and without quotes. They always return a FALSE for the existence of the variable, so that the string never contains the word "AND" as it should by the end. I've tried these same if statements outside the function and they work fine. Inside the function, it doesn't matter what the value of the variable is, the function runs as though it has no value. Comments? Suggestions? Hello, my global variable is getting whacked (defined null or being undefined) after a function call. I'm not sure if it's happening when leaving the function that assigns it or when the form is "posted", or something else. Code: [Select] <? //global variables $globalVarString = ""; //function definitions function displayResults() { global $globalVarString; if ($globalVarString == "") {displayForm("please enter your search string again");} else {displayForm("you typed: $globalVarString");} } function getResults($searchInput) { global $globalVarString; $globalVarString = $searchInput; //give status ?> <html><head><title>Search</title></head><body> <form action="<?=$_SERVER['PHP_SELF']?>" method="post"> Thanks for entering your data (<? echo "$globalVarString" ?>).<br><br>Please press the submit button to process your data    <input type="Submit" value="Submit" name="processQuery"> </form></body></html> <? } function displayForm($message) { //prompt for input ?> <html><head><title>Search</title></head><body> <form action=" <? $_SERVER['PHP_SELF'] ?>" method="post"> <h3>Please enter your search <input type="text" name="searchString">    <script type="text/javascript">document.forms[0].searchString.focus();</script> <input type="Submit" value="Submit Query" name="searchQuery"></h3> </form> <? if (!$message == ""){echo "<br>    <h4>" . $message . "</h4><br>";} ?> </body></html> <? } //main() if(array_key_exists('searchQuery', $_POST)) {getResults($_POST['searchString']);} elseif (array_key_exists('processQuery', $_POST)) {displayResults();} else {displayForm("");} ?> Hi guys, I am trying to install a script and I am getting this error when loading for the first time kindly assist anyone.
i've tried whit a lot of solutions from other posts but nothing seems to be working
this part is where im having trouble but i dont know how to get it to work
namespace App\Controllers;
class Home extends BaseController
//Set form validation
//Run form validation
//Get the form data
//Web master email
//Mail settings $this->email->initialize($config);
//Send mail with data
redirect('contact');
}
<div class="header">
<a href="javascript:void(0);" class="mobi-toggler"><i class="fa fa-bars"></i></a>
<!-- BEGIN NAVIGATION --> This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=321234.0 I am making a space game. The game requires a map. The map needs to contain one or more galaxies. Each galaxy should have from 100 to 1000 star systems. Each star system needs to possess a random number of planets from 1-10. I suspect that I can use while loops to control the number of galaxies star systems and planets, but I need to know how to assign coordinates when making the universe. Hi all, I work on a php project. I wrote it in procedural way. As project grows, it stating be harder to maintain obviously and I want to convert project ( or at lease key features) to oo code. My intention is to replace part which for example connects to database and then use the rest of the script and then move to another part write it in oo and replace old part. I wrote a simple class called Connection, just to handle connection. When I make object it connects, I retrieve some info from database using query as class function. However, there is no way I can execute my procedural login script after I made a connection object. And question is why? Do I need to write whole Database class to handle it? Can I merge oo and procedural php code together in once script? Code sample: Code: [Select] class Connection{ // database access paramiters var $host = 'localhost'; var $data_base = 'database'; var $user = 'user'; var $pass = 'pass'; var $con_handle; // constructing object with automatic connetction to db function __construct(){ $this->connect(); } function connect(){ // open a connection to the database server $this->con_handle = new mysqli ($this->host, $this->user, $this->pass); if (mysqli_connect_errno()) { echo("Could not open connection to database server"); exit; } // selecting database $this->con_handle->select_db($this->data_base) or die(mysql_error()); } } Code: [Select] //{ few includes here} $connection= new Connection(); //{rest of my login script} Folks,
Look what I found he My procedural style code is this alongside their OOP:
<?php
if (!$conn)
{
$error = mysqli_connect_error();
$errno = mysqli_connect_errno();
print "$errno: $error\n";
exit();
}
// Get the total number of records from our table "students".
$total_pages = $conn->query('SELECT * FROM browsing_histories')->num_rows; //I NEED HELP TO SUBSTITUTE THIS TO PROCEDURAL STYLE
// Check if the page number is specified and check if it's a number, if not return the default page number which is 1.
$page = isset($_GET['page']) && is_numeric($_GET['page']) ? $_GET['page'] : 1;
// Number of results to show on each page.
$num_results_on_page = 5;
// if ($stmt = $conn->prepare('SELECT * FROM following_histories ORDER BY id LIMIT ?,?')) {
if($query = "SELECT id,date_and_time,query_type,followed_word,query_string,browsed_page_original,browsed_page_converted,referral_page_original,referral_page_converted,username,gender,age_range,date_of_birth,skin_complexion,height,weight,sexual_orientation,religion,education,profession,marital_status,working_status,country_of_birth,home_town,home_neighbourhood,home_borough,home_council,home_city,home_county,home_district,home_region,home_state,home_country FROM browsing_histories WHERE username = ? ORDER BY id LIMIT ? OFFSET ?"){ //my substitution of above line
$stmt = mysqli_prepare($conn,$query); //MY SUBSTITUTION OF ABOVE LINE
// Calculate the page to get the results we need from our table.
$calc_page = ($page - 1) * $num_results_on_page;
//$stmt->bind_param('ii', $calc_page, $num_results_on_page);
mysqli_stmt_bind_param($stmt,'sii',$followee_username,$calc_page,$num_results_on_page); //MY SUBSTITUTION OF ABOVE LINE
//$stmt->execute();
mysqli_stmt_execute($stmt); //MY SUBSTITUTION OF ABOVE LINE
// Get the results...
//$result = $stmt->get_result();
$result = mysqli_stmt_get_result($stmt) //MY SUBSTITUTION OF ABOVE LINE
?>
<!DOCTYPE html>
<html>
<head>
<title>PHP & MySQL Pagination by CodeShack</title>
<meta charset="utf-8">
<style>
html {
font-family: Tahoma, Geneva, sans-serif;
padding: 20px;
background-color: #F8F9F9;
}
table {
border-collapse: collapse;
width: 500px;
}
td, th {
padding: 10px;
}
th {
background-color: #54585d;
color: #ffffff;
font-weight: bold;
font-size: 13px;
border: 1px solid #54585d;
}
td {
color: #636363;
border: 1px solid #dddfe1;
}
tr {
background-color: #f9fafb;
}
tr:nth-child(odd) {
background-color: #ffffff;
}
.pagination {
list-style-type: none;
padding: 10px 0;
display: inline-flex;
justify-content: space-between;
box-sizing: border-box;
}
.pagination li {
box-sizing: border-box;
padding-right: 10px;
}
.pagination li a {
box-sizing: border-box;
background-color: #e2e6e6;
padding: 8px;
text-decoration: none;
font-size: 12px;
font-weight: bold;
color: #616872;
border-radius: 4px;
}
.pagination li a:hover {
background-color: #d4dada;
}
.pagination .next a, .pagination .prev a {
text-transform: uppercase;
font-size: 12px;
}
.pagination .currentpage a {
background-color: #518acb;
color: #fff;
}
.pagination .currentpage a:hover {
background-color: #518acb;
}
</style>
</head>
<body>
<table>
<tr>
<th>Name</th>
<th>Age</th>
<th>Join Date</th>
</tr>
<?php while ($row = $result->fetch_assoc()): ?>
<tr>
<td><?php echo $row['id']; ?></td>
<td><?php echo $row['followee_username']; ?></td>
<td><?php echo $row['follower_username']; ?></td>
</tr>
<?php endwhile; ?>
</table>
<?php if (ceil($total_pages / $num_results_on_page) > 0): ?>
<ul class="pagination">
<?php if ($page > 1): ?>
<li class="prev"><a href="pagination.php?page=<?php echo $page-1 ?>">Prev</a></li>
<?php endif; ?>
<?php if ($page > 3): ?>
<li class="start"><a href="pagination.php?page=1">1</a></li>
<li class="dots">...</li>
<?php endif; ?>
<?php if ($page-2 > 0): ?><li class="page"><a href="pagination.php?page=<?php echo $page-2 ?>"><?php echo $page-2 ?></a></li><?php endif; ?>
<?php if ($page-1 > 0): ?><li class="page"><a href="pagination.php?page=<?php echo $page-1 ?>"><?php echo $page-1 ?></a></li><?php endif; ?>
<li class="currentpage"><a href="pagination.php?page=<?php echo $page ?>"><?php echo $page ?></a></li>
<?php if ($page+1 < ceil($total_pages / $num_results_on_page)+1): ?><li class="page"><a href="pagination.php?page=<?php echo $page+1 ?>"><?php echo $page+1 ?></a></li><?php endif; ?>
<?php if ($page+2 < ceil($total_pages / $num_results_on_page)+1): ?><li class="page"><a href="pagination.php?page=<?php echo $page+2 ?>"><?php echo $page+2 ?></a></li><?php endif; ?>
<?php if ($page < ceil($total_pages / $num_results_on_page)-2): ?>
<li class="dots">...</li>
<li class="end"><a href="pagination.php?page=<?php echo ceil($total_pages / $num_results_on_page) ?>"><?php echo ceil($total_pages / $num_results_on_page) ?></a></li>
<?php endif; ?>
<?php if ($page < ceil($total_pages / $num_results_on_page)): ?>
<li class="next"><a href="pagination.php?page=<?php echo $page+1 ?>">Next</a></li>
<?php endif; ?>
</ul>
<?php endif; ?>
</body>
</html>
<?php
//$stmt->close();
mysqli_stmt_close($stmt); //MY SUBSTITUTION OF ABOVE LINE
}
?>
Edited February 2, 2019 by phpsane I am just wanting to know what the other forms of this type of conditonal would be, the type of if statement is as follows: if ($_POST) {print_r($_POST);} Just seen it a few times now, I know this means if $_POST exists. use the print_r() function to display the entire post array suber global variable. But what are the other combinations other than just if true? Like how are they used like this, like if I wanted to see if a random variable is not identical to another etc. Any helps appreciated, Jez. Hello,
I am pretty new to PDO but have heard that it is good to use prepared statements to help avoid mysql injections.
What I'm wondering is, when using prepare, does one need to bind parameters or would one be able to do something like the following without risking security?
$db = new PDO(..);
$r = $db->prepare("SELECT * FROM test WHERE col=$_POST['col']");
$r->execute();
Thanks
I'm trying to clean up all my functions with any queries which take dynamic parameters using PDO prepared statements. I originally thought I was using prepared statements and was told later I wasn't so it's been on my to-do list to go and clean them up. I have cleaned up a lot of them and tested them and they are working fine. This one is giving me a problem though..
/*fetch production data*/
if( isset( $field ) && isset( $type ) && isset( $value ) ) {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
WHERE :field :type :value
ORDER BY enterprise, job_number, line_item LIMIT :offset, :records_per_page';
$stmt = $pdo->prepare($sql);
$stmt->execute( [ 'field' => $field, 'type' => $type, 'value' => $value, 'offset' => $offset, 'records_per_page' => $records_per_page ] );
} else {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
ORDER BY enterprise, job_number, line_item LIMIT '. $offset . ', '. $records_per_page;
}
It takes values from some drop downs (I'm using tabulator to generate a table and this part is related to it's pagination functions)...here is the HTML for those elements.
<div class="table-controls">
<div class="form-row">
<div class="col">
<label for="filter-field" class="col-form-label-sm">Field: </label>
<select id="filter-field" class="form-control form-control-sm">
<option></option>
<option value="Job Number">Job Number</option>
<option value="Enterprise">Enterprise</option>
</select>
</div>
<div class="col">
<label for="filter-type" class="col-form-label-sm">Type: </label>
<select id="filter-type" class="form-control form-control-sm">
<option value="like" selected="selected">Like</option>
<option value="=">Equal to</option>
</select>
</div>
<div class="col">
<label for="filter-value" class="col-form-label-sm">Value: </label>
<input id="filter-value" class="form-control form-control-sm" style="float: left;" type="text" placeholder="Value to filter...">
</div>
<div class="col d-flex align-content-end flex-wrap">
<button id="filter-clear" class="btn btn-primary btn-sm rounded-0">Clear Filters & Sorting</button>
</div>
</div>
</div>
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? ? ORDER BY enterprise, job_number, line_item LIMIT ?, ?' at line 3 in C:\wamp64\www\test\scripts\order_status.php on line 125
I'd love to use anonymous placeholders on my ecommerce site project. I am writing half with php and half with golang. On the three examples below, when run, gives the following exception, " Error: Call to a member function execute() on string. " I tried it with a decimal too. Thanks in advance.
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindParam(1, $productID, PDO::PARAM_INT);
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindValue(1, $productID, PDO::PARAM_INT);
$stmt->execute();
Here is the rest of the code :
<?php
$filename = "";
$keyword1 = $_GET['keyword'];
$titleOfSelectedDropDown = $_GET['val1'];
$fileID = "";
$imageID = "a";
$displayID = "";
$keyword1 = "test";
$titleOfSelectedDropDown = "cc";
$host = 'localhost';
$user = 'root';
$pass = '';
$database = 'ecommerce';
$options = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false
);
$gKeyword1 = "";
$gKeyword2 = "";
$gKeyword3 = "";
$key1ID = "";
$key2ID = "";
$key3ID = "";
$string1 = "<center><h1><u>Search Results</u><h1></center></p>";
$dbo = new PDO("mysql:host=$host;dbname=$database", $user, $pass, $options);
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
$test = "1";
$stmt->execute([ $test ]);
Edited March 17 by JoshEir mistake I am trying to update the database with isset to set the value of the variable to either null or the value entered by the user. Currently, if no value has been entered null is being set as a string causing the date field to populate with zeros. How do I code it so that it populates or sets the value as null and not as string null?
Here's my code: (yes I know sql injections it's still in development )
<?php ERROR 0 Fatal error: Call to a member function execute() on a non-object ... i've tested the $mysqli and $stmt, both are objects, i have other requests that work well and are built the same way (copy - paste) all vars on the query are also ok. There are working functions over and under this part of my code, if i remove it everything works fine. Code: [Select] $query2 = "INSERT INTO TABLE_NAME(accountSmtp, passwordSmtp, merchantID, adsPrice, adsWidth, adsHeigh, adsAmount, email, emailFrom, adsSense) VALUES('$gmailUser', '$gmailPassword', '$merchantID', '$prix', '$width', '$height', '$adsAmount', '$email', '$from', '$sense')"; if (!$stmt = $mysqli->prepare($query2)) { printf("Erreur : %d.\n", $stmt->errno); print_r($query2); } /* execute statement */ $stmt->execute(); //close statement $stmt->close(); |
|||||||