|
PHP - Problem With Bind_param()
Please forgive me as I am new to php. I'm going to try and explain my problem the best I can.
I'm trying to create a member login that checks that the username and password match before logging in. membership.php: require ('SQL.php'); class Membership { function validate_User($un, $pwd) { $mysql = new MySQL(); $ensure_credentials = $mysql->verify_Username_and_Pass($un, md5(trim($pwd) . PW_SALT)); if($ensure_credentials) { $_SESSION['status'] = 'authorized'; $_SESSION['uname'] = $un; header('location: index.php'); } else return "Please enter a correct username and password"; } SQL.php: class Mysql { private $conn; function __construct() { $this->conn = new mysqli($DB_HOST, $DB_USER, $DB_PASSWORD, $DB_DATABASE) or die('There was a problem connecting to the database.'); } function verify_Username_and_Pass($un, $pwd) { $query = "SELECT * FROM users WHERE username = ? AND password = ? LIMIT 1"; if($stmt = $this->conn->prepare($query)) { $stmt->bind_param('ss', $un, $pwd); $stmt->execute(); if($stmt->fetch()) { $stmt->close(); return true; } } } } After $un and $pwd are entered it returns "Please enter a correct username and password" regardless if the username and password are correct. If I change this line if($ensure_credentials) { in Membership.php to if($ensure_credentials != true) { it will allow me to login, except it only verifies $un, and $pwd can be anything. Please help! Similar TutorialsI get this error when I run my login system. Call to a member function bind_param() on a non-object in /models/class.newuser.php on line 131This is the modified code (Line 131 is on the top line):
$stmt->bind_param("ssssi", $this->username, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active);
$stmt->execute();
$inserted_id = $mysqli->insert_id;$stmt->close();
//Insert default permission into matches table
$stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."user_permission_matches (
user_id,
permission_id
)
VALUES (
?,
'1'
)") ;
$stmt->bind_param("s", $inserted_id);
$stmt->execute();
$stmt->close();
This is the whole code...
<?php
/*
.
.
*/
class User
{
public $user_active = 0;
private $clean_email;
public $status = false;
private $clean_password;
private $username;
public $sql_failure = false;
public $mail_failure = false;
public $email_taken = false;
public $username_taken = false;
public $activation_token = 0;
public $success = NULL;
function __construct($user,$pass,$email)
{
//Sanitize
$this->clean_email = sanitize($email);
$this->clean_password = trim($pass);
$this->username = sanitize($user);
if(usernameExists($this->username))
{
$this->username_taken = true;
}
else if(emailExists($this->clean_email))
{
$this->email_taken = true;
}
else
{
//No problems have been found.
$this->status = true;
}
}
public function userCakeAddUser()
{
global $mysqli,$emailActivation,$websiteUrl,$db_table_prefix;
//Prevent this function being called if there were construction errors
if($this->status)
{
//Construct a secure hash for the plain text password
$secure_pass = generateHash($this->clean_password);
//Construct a unique activation token
$this->activation_token = generateActivationToken();
//Do we need to send out an activation email?
if($emailActivation == "true")
{
//User must activate their account first
$this->user_active = 0;
$mail = new userCakeMail();
//Build the activation message
$activation_message = lang("ACCOUNT_ACTIVATION_MESSAGE",array($websiteUrl,$this->activation_token));
//Define more if you want to build larger structures
$hooks = array(
"searchStrs" => array("#ACTIVATION-MESSAGE","#ACTIVATION-KEY","#USERNAME#"),
"subjectStrs" => array($activation_message,$this->activation_token,$this->username)
);
/* Build the template - Optional, you can just use the sendMail function
Instead to pass a message. */
if(!$mail->newTemplateMsg("new-registration.txt",$hooks))
{
$this->mail_failure = true;
}
else
{
//Send the mail. Specify users email here and subject.
//SendMail can have a third parementer for message if you do not wish to build a template.
if(!$mail->sendMail($this->clean_email,"New User"))
{
$this->mail_failure = true;
}
}
$this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2");
}
else
{
//Instant account activation
$this->user_active = 1;
$this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1");
}
if(!$this->mail_failure)
{
//Insert the user into the database providing no errors have been found.
$stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."users (
user_name,
password,
email,
activation_token,
last_activation_request,
lost_password_request,
active,
title,
sign_up_stamp,
last_sign_in_stamp
)
VALUES (
?,
?,
?,
?,
?,
'".time()."',
'0',
?,
'New Member',
'".time()."',
'0'
)");
$stmt->bind_param("ssssi", $this->username, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active);
$stmt->execute();
$inserted_id = $mysqli->insert_id;
$stmt->close();
//Insert default permission into matches table
$stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."user_permission_matches (
user_id,
permission_id
)
VALUES (
?,
'1'
)") ;
$stmt->bind_param("s", $inserted_id);
$stmt->execute();
$stmt->close();
}
}
}
}
?>
Code: [Select] $params = array(); $type=array(); $fragments = array(); while (list($chiave,$val) = each($_POST)){ if($val!=""){ $fragments[] = $chiave." = ?"; //echo $chiave; if($chiave=="ritiro" or $chiave=="data") $params[] = normalToDbDate($val); else $params[] = $val; if($chiave=="legale") $type[]='i'; else $type[]='s'; } } $prova=implode("",$type); foreach($params as $param) echo "<p>".$param."</p>"; //echo "val(".count($params).")-->".implode(',',$params); //echo "type(".strlen($prova).")-->".implode("",$type); $sql = $db->prepare("..... AND ".implode(" AND ", $fragments)); array_unshift($params,$prova) call_user_func_array( array( $sql, 'bind_param' ),$params); //$sql->bind_param($prova,$params); $sql->execute(); hi all, with the tructure above i've tried to implement the cration of a dynamic query for a search form. i debugged with echoes and che numbers of bind_param and the those in the prepared statement match in sense that count($params)=strlen($prova). having said that i get this error: Code: [Select] Warning: call_user_func_array() expects parameter 2 to be array, integer given in and no results are shown to me even when the filter match. I'm new to coding and prepared statements.
I'm getting: For this:
<?php
include "db_connect.php";
if(isset($_POST['UserID'])){
$stmt = $con -> prepare('UPDATE UserList
SET Status = ?,
FirstName = ?,
LastName = ?,
Username = ?,
Email = ?,
Department = ?,
Manager = ?,
WHERE UserID = ?');
$stmt -> bind_param('isssssss', /* Line 17 */
$_POST['Status'],
$_POST['FirstName'],
$_POST['LastName'],
$_POST['Username'],
$_POST['Email'],
$_POST['Department'],
$_POST['Manager'],
$_POST['UserID']);
$stmt->execute();
}
Thank you in advance for helping. 2 9 0 1 Fatal error: Call to a member function bind_param() on boolean.
It fails on the BIND_PARAM line.
I have looked at this all day, struggling with Mysqli as my normal MySql works fine with assoc and fetch.
I have verified in PhpInfo that mysqli is enabled. I have verified its loaded using <?php print_r(get_loaded_extensions()); Added utf8 just to make sure.
If I manually use the Wrong Password, I get a connection refused error, so I know its connected.
Verified my $_POST variables are there using Print in the 2 9 0 1 above.
All Table and Field Names are correct. Manual Insert works fine in myPhpAdmin. Tried Field Names and ? marks with and without single quotes. All fields are Integers in the table.
Could it be related to an Auto_Increment Field in the table for a record ID that I am not providing?? A normal insert in myPhpAdmin doesn't need it.
$QuestionID = $_POST['qID']; print $QuestionID . " ";
Thanks, CadJoe Edited August 26, 2017 by CadJoeHello,
I have problem durring binding update query. I can't find what is causing problem.
public function Update(Entry $e)
{
try
{
$query = "update entry set string = $e->string,delimiter=$e->delimiter where entryid= $e->id";
$stmt = $this->db->mysqli->prepare($query);
$stmt->bind_param('ssi',$e->string,$e->delimiter,$e->id);
$stmt->close();
}
catch(Exception $ex)
{
print 'Error: ' .$ex->getMessage();
}
}
When I run function update I'm getting next error:Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
Can you help me to solve this problem ?
Edited by danchi, 17 October 2014 - 10:25 AM. Guys thanks for helping me solve the problem i had but now i have another problem and i am lost. i have included the code below for you to have overview.
This is the code:
<table style="width:100%; margin-left:auto; margin-right:auto"> Code: [Select] $sql = "SELECT softwareID,softwareName,softwareType,softwareDesc,softwarePath,ITOnly FROM software WHERE softwareName LIKE '%($searchSoftware)%' ORBER BY softwareName"; $result = mysqli_query($cxn,$sql) or die(mysqli_error()); There is something wrong with my LIKE statement because it's not pulling it since I'm either formatting it wrong or something. Can anyone catch it? Hi there, I have a map of America made in flash, where you click on a state and the page should display the SQL database information for that state in the HTML table - but instead all it shows is the first entry of the database regardless of which state you click and it doesn't display the 2 radio buttons. My code is as follows Flash Actionscript 3 (just showing one state) Code: [Select] function waClick(event:MouseEvent):void { var waURL:URLRequest = new URLRequest("restaurants.php?state=Washington"); navigateToURL(waURL, "_self"); } wa_btn.addEventListener(MouseEvent.CLICK, waClick); PHP code Code: [Select] <?php include("mvfconnect.php"); $theChoice = $_GET['state']; $query = "SELECT * FROM restaurants WHERE" .$theChoice; $result = @ mysql_query($query); if (!$result) { $message="Unfortunately we are having problems with this page, we promise to have it fixed as soon as possible"; die($message); } $num = mysql_num_fields($result); $i=0; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)){ $show1=substr($row['state'],0,50)."..."; $show2=substr($row['city'],0,50)."..."; $show3=substr($row['rname'],0,50)."..."; $show4=substr($row['address'],0,50)."..."; $show5=substr($row['pnum'],0,50)."..."; $show6=substr($row['web'],0,50)."..."; $show7=substr($row['dishes'],0,50)."..."; $show8=substr($row['dish_details'],0,50)."..."; $show9=substr($row['challenges'],0,50)."..."; $show10=substr($row['challenge_details'],0,50)."..."; $show11=substr($row['youtube'],0,50)."..."; $show12=substr($row['images'],0,50)."..."; echo "<tr>". "<td>".$row['city']."</td>". "<td>".$row['rname']."</td>". "<td>".$row['address']."</td>". "<td>".$row['pnum']."</td>". "<td>".$row['web']."</td>". "<td>".$row['dishes']."</td>". "<td>".$row['challenges']."</td>". "<td id='state".$i."' style='display:none'>".$row['state']."</td>". "<td id='city".$i."' style='display:none'>".$row['city']."</td>". "<td id='rname".$i."' style='display:none'>".$row['rname']."</td>". "<td id='address".$i."' style='display:none'>".$row['address']."</td>". "<td id='pnum".$i."' style='display:none'>".$row['pnum']."</td>". "<td id='web".$i."' style='display:none'>".$row['web']."</td>". "<td id='dishes".$i."' style='display:none'>".$row['dishes']."</td>". "<td id='dish_details".$i."' style='display:none'>".$row['dish_details']."</td>". "<td id='challenges".$i."' style='display:none'>".$row['challenges']."</td>". "<td id='challenge_details".$i."' style='display:none'>".$row['challenge_details']."</td>". "<td id='youtube".$i."' style='display:none'>".$row['youtube']."</td>". "<td id='images".$i."' style='display:none'>".$row['images']."</td>". "<td><input type='radio' name='vid' id='vid".$i."' onclick='openVideo(".$i.")' /></td>". "<td><input type='radio' name='pic' id='pic".$i."' onclick='openImage(".$i.")' /></td>". "<td class='last'style='display:none'>".$show1." ".$show2." ".$show3." ".$show4." ".$show5." ".$show6." ".$show7." ".$show8." ".$show9." ".$show10."</td>". "</tr>"; $i++; } ?> I have used this code before and it has worked fine, can someone please help me out! Hi. I am from poland. I am 17 old age and like webmastering. I write my social network. I have new server 10 GB VPS and my script no runing In my server. in my server do can not login. No runing function Code: [Select] mb_strtolower();as delete function mb_strtolower() ; this login runing. In my server haven`t installing liberary GD and no runing upload avatars. my code upload is: elseif ($_GET['act'] == "upload") { echo <<< KONIEC <hr> <center> <p> <h2>Dodaj zdjęcie</h2> <ul class="gallery clearfix"> <li class="extra"> KONIEC; error_reporting(E_ALL); // we first include the upload class, as we will need it here to deal with the uploaded file include('include/class.upload.php'); // retrieve eventual CLI parameters $cli = (isset($argc) && $argc > 1); if ($cli) { if (isset($argv[1])) $_GET['file'] = $argv[1]; if (isset($argv[2])) $_GET['dir'] = $argv[2]; if (isset($argv[3])) $_GET['pics'] = $argv[3]; } // set variables $dir_dest = (isset($_GET['dir']) ? $_GET['dir'] : 'test'); $dir_pics = (isset($_GET['pics']) ? $_GET['pics'] : $dir_dest); if (!$cli) { } // we have three forms on the test page, so we redirect accordingly if ((isset($_POST['action']) ? $_POST['action'] : (isset($_GET['action']) ? $_GET['action'] : '')) == 'simple') { // ---------- SIMPLE UPLOAD ---------- // we create an instance of the class, giving as argument the PHP object // corresponding to the file field from the form // All the uploads are accessible from the PHP object $_FILES $handle = new Upload($_FILES['my_field']); // then we check if the file has been uploaded properly // in its *temporary* location in the server (often, it is /tmp) if ($handle->uploaded) { // yes, the file is on the server // now, we start the upload 'process'. That is, to copy the uploaded file // from its temporary location to the wanted location // It could be something like $handle->Process('/home/www/my_uploads/'); $handle->Process($dir_dest); function TestProcess(&$handle, $title = 'test', $details='') { global $dir_pics, $dir_dest; $unlink = 'test/'. $handle->file_dst_name; $myid = $_SESSION['id']; $opis = htmlspecialchars(stripslashes(strip_tags(trim($_POST["opis"]))), ENT_QUOTES); $handle->Process($dir_dest); if ($handle->processed) { unlink("$unlink"); $link = ''.$dir_pics.'/' . $handle->file_dst_name .''; $addphoto = mysql_query("INSERT INTO photo VALUES('', '$myid', '$link', '$opis')"); echo <<< KONIEC <br> <center> <img src="$link" > <br> <br /> </center> KONIEC; } else { echo '<fieldset class="classuploadphp">'; echo ' <legend>' . $title . '</legend>'; echo ' Error: ' . $handle->error . ''; if ($details) echo ' <pre class="code php">' . htmlentities($details) . '</pre>'; echo '</fieldset>'; } } if (!file_exists($dir_dest)) mkdir($dir_dest); // ----------- $handle->image_convert = 'jpg'; $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_x = 500; $handle->image_precrop = 15; $handle->image_watermark = "watermark_large.png"; $handle->image_watermark_x = 20; $handle->image_watermark_y = -20; TestProcess($handle, '15px pre-cropping (before resizing 800 wide), large watermark automatically reduced, position 20 -20', "\$foo->image_convert = 'jpg';\n\$foo->image_resize = true;\n\$foo->image_ratio_y = true;\n\$foo->image_x = 800;\n\$foo->image_precrop = 15;\n\$foo->image_watermark = 'watermark_large.png';\n\$foo->image_watermark_x = 20;\n\$foo->image_watermark_y = -20;"); } else { // one error occured echo '<fieldset>'; echo ' <legend>file not uploaded to the wanted location</legend>'; echo ' Error: ' . $handle->error . ''; echo '</fieldset>'; } // we copy the file a second time // we delete the temporary files $handle-> Clean(); } else { // if we are here, the local file failed for some reasons echo '<fieldset>'; echo ' <legend>local file error</legend>'; echo ' Error: ' . $handle->error . ''; echo '</fieldset>'; } echo <<< KONIEC <li> </ul> </p> </center> KONIEC; is it the only problem that isn`t installing GD as i have something off in php.ini ? Plise Help me i'm getting this erro "Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /***/***/*****.php on line 278 not an active session, starts new" this is the code: if ($phase = mysql_result(mysql_query("SELECT `phase` FROM `as_support` WHERE `mission` = '$var2'"),0,0)) { if ($phase=='5') { // mysql_query("DELETE FROM `as_support` WHERE `mission` = '$var2'"); // header("Location: https://www.**********/*******/*******.php"); } else { echo date('h:i:s') . ": PHASE is $phase<br />"; echo "\$var1=$var1,\$var2=$var2<br />"; } } else { echo "not an active session, starts new<br />"; echo "\$var1=$var1,\$var2=$var2<br />"; mysql_query("INSERT INTO `as_support` (`mission`, `phase`) VALUES ('$var2', '0')") OR DIE(mysql_error()); the first line is line no. 278 can someone please tell me what to do? tnx shirley i have written a script using touch() function for creating new pages.. but the url's appear are not search engine frendly i want the urls to appear like this everyspace filled with - oder than a space because the space makes the url display as http://localhost/gl/uploads/movies/2010/08/The%20Hangman%202010%20Hindi%20Movie%20Watch%20Online/The%20Hangman%202010%20Hindi%20Movie%20Watch%20Online.php I want it to appear this way http://www.onlinewatchmovies.net/hindi/vroom-2010-hindi-movie-watch-online.html any suggestion how can i do this? Im trying to parse this string and put it in the array.. However i dont know how.. Code: [Select] 11111<>your mobile<>the receiver<>keyword<>2012-01-15<>12:09:08<>wow "this", is great! I want to remove this sign <> and put the elements on the array.. Also i would not want to loose the quotes and commas Can someone help me? thanks Hey guys i just installed a new Theme on my IPB 3.3.4 its called Dashboard now, the start page looks fine but if i try to click on "My Profile" an error pops up.
Error message:
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\board\cache\skin_cache\cacheid_4\skin_profile.php on line 1035
skin_profile.php on line 1035:
<span class='ipsType_smaller desc lighter blend_links'><a href='" . $this->registry->getClass('output')->formatUrl( $this->registry->getClass('output')->buildUrl( "app=members&module=profile&section=status&type=single&status_id={$status['status_id']}", "public",'' ), "array($status['member_id'], $status['members_seo_name'])", "members_status_single" ) . "'>{$this->lang->words['ps_updated']} " . $this->registry->getClass('class_localization')->getDate($status['status_date'],"manual{%d %b}", 0) . " · " . intval($status['status_replies']) . " {$this->lang->words['ps_comments']}</a></span>
hello! I have a problem with utf-8 ...
In horizontalmenu.php I have:
print '<a href="/calcioitalia/coaches/'.$name.'.html').'">'.$name.'</a>';where $name=José Márioand in .htaccess I have AddDefaultCharset UTF-8 AddCharset UTF-8 .htmland doesn't work... How could I solve this problem? Thank u! Not exactly sure how to do this. What I need is when a person clicks on the link ie: page.php?nid=1 then it loads what needs to be loaded but if a user clicks and there is no nid ie: page.php?nid= Then it loads something else. if (nid==$nid){ echo "This is the data to show"; }else{ Show this data instead } Both if and else both show different mysql data. Hopefully I explained myself well. Hi all. When I typed symbol ' in my textarea , after I submit it and view for what I typed , it will automatically add a slash in front of the ' . Such as the message is "I'm fine" , then it will turn out as "I\'m fine". Can I know what is the problem ? and how can I solve it? Thanks for every reply . Hi everyone. I have written a PHP script gets data from a MySQL database and attempts to convert it to an RSS feed. The problem I am having is that when I preview the feed the "article_type", "article_author", "article_author2" and "article_company" information is not showing up in the feed. Have I coded this wrong? Thanks for any help. while($rss_array = mysql_fetch_array($rss_rs)) { $xml .= "<item><title><![CDATA[" . $rss_array['article_title'] . "]]></title> <link><![CDATA[index.php?skip=true&article=" . $rss_array['article_number'] . "]]></link><guid><![CDATA[index.php?skip=true&article=" . $rss_array['article_number'] . "]]></guid><description><![CDATA[" . str_replace("'", "", $rss_array['article_description']) . "]]></description> <article_type>" . $rss_array['article_type'] . "</article_type> <article_author>" . $rss_array['article_author'] . "</article_author> <article_author2>" . $rss_array['article_author2'] . "</article_author2> <article_company>" . $rss_array['article_company'] . "</article_company> </item>"; } I Have An error on line 42 not sure what it is can any one tell? $foundnum = mysql_num_rows($run); Hello everyone Just found this forum and really need some help. I'm trying to create a popup contact form for my product pages. I managed to get a php form from a random site and i cant get the form to pop up. http://www.e-sol.co.uk/printer-scanner-copier.php If someone could help i would be very grateful. |
|||||||