PHP mysqli_stmt_execute() error
Question
I am getting the following errors when I attempt to submit my form:
Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 66
Warning: mysqli_stmt_affected_rows() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 68
Error Occurred
Warning: mysqli_error() expects exactly 1 parameter, 0 given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 83
Warning: mysqli_stmt_close() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 85
I have checked all of the other posts with the same error and I have not made any of the mistakes mentioned in those.
My PHP is:
<?php
session_start();
if(isset($_POST['submit'])){
$data_missing = array();
if(empty($_POST['aboutme'])){
// Adds name to array
$data_missing[] = 'aboutme';
} else {
// Trim white space from the name and store the name
$aboutme = trim($_POST['aboutme']);
}
if(empty($_POST['full_name'])){
// Adds name to array
$data_missing[] = 'full_name';
} else {
// Trim white space from the name and store the name
$full_name = trim($_POST['full_name']);
}
if(empty($_POST['friend'])){
// Adds name to array
$data_missing[] = 'friend';
} else {
// Trim white space from the name and store the name
$friend = trim($_POST['friend']);
}
if(empty($data_missing)){
$id = $_SESSION["user_id"];
require_once('mysqli_connect.php');
$query = "UPDATE userprofile SET full_name='{$full_name}' aboutme='{$aboutme}' friend='{$friend}' WHERE id='{$id}' LIMIT 1";
$stmt = mysqli_prepare($dbc, $query);
//i Interger
//d Doubles
//s Everything Else
mysqli_stmt_execute($stmt);
$affected_rows = mysqli_stmt_affected_rows($stmt);
if($affected_rows == 1){
echo 'Student Entered';
mysqli_stmt_close($stmt);
mysqli_close($dbc);
} else {
echo 'Error Occurred<br />';
echo mysqli_error();
mysqli_stmt_close($stmt);
mysqli_close($dbc);
}
} else {
echo 'You need to enter the following data<br />';
foreach($data_missing as $missing){
echo "$missing<br />";
}
}
}else {
echo mysqli_error();
}
?>
I have used this code before in previous sections of the website for different purposes and I have not had any problems. I have spent a long time trying to locate the error and had no success, so I decided to ask here.
2 answers
solution1
2 ACCPTED 2014-12-18 16:40:21
The error is caused by an error in your SQL; because of the error, the statement fails to prepare.
Your query:
$query = "UPDATE userprofile SET full_name='{$full_name}' aboutme='{$aboutme}' friend='{$friend}' WHERE id='{$id}' LIMIT 1";
You're missing the commas between the columns:
$query = "UPDATE userprofile SET full_name='{$full_name}', aboutme='{$aboutme}', friend='{$friend}' WHERE id='{$id}' LIMIT 1";
And, for what it's worth, you're not properly using prepared statements - you're still setting the values directly into the query which is prone to SQL injection.
Try updating to:
$query = "UPDATE userprofile SET full_name=?, aboutme=?, friend=? WHERE id=? LIMIT 1";
$stmt = mysqli_prepare($dbc, $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "sssi", $full_name, $aboutme, $friend, $id);
mysqli_stmt_execute($stmt);
// the rest of your code
}
solution2
0 2020-08-24 12:05:07
I tried this answers but not work on my case the problem in my php code was
$purchased_date = date('Y-m-d', strtotime($_POST['pdate']));
when i checked the database I found it only store the Year and stop after it saw -
so it return error we should get the date like this
$purchased_date = date('Ymd', strtotime($_POST['pdate']));
sorry If i have grammar mistakes
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.