stackoom
  简体   繁体   中英

Cannot find solution to the problem in prepared statement(procedural php)

 原文  2019-01-03 20:37:15       php/ session/ mysqli

Question

<?php

    if(isset($_POST['register-button']))
    {
    include 'dbh.inc.php';
    error_reporting(0);
    $uname = $_POST['username'];
    $name = $_POST['name'];
    $email = $_POST['email'];
    $pwd = $_POST['pass'];
    $rpwd = $_POST['repass'];
    $city = $_POST['city'];
    $age = $_POST['age'];
    $gender = $_POST['gender'];
    $courses = implode(',',$_POST['lang']);

    if(empty($uname) || empty($name) || empty($email) || empty($pwd) ||  empty($rpwd) || empty($city) || empty($age) || empty($gender) || empty($courses)){
        header("Location: ../register.php?error=emptyfields&name=".$name."&email=".$email."&city=".$city."&age=".$age);
        exit();
    }
    elseif(!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $uname){
        header("Location: ../register.php?error=invaliduname&email");
        exit();
    }
    elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
        header("Location: ../register.php?error=invalidemail&username=".$uname."name=".$name."&city=".$city."&age=".$age);
        exit();
    }
    elseif(!preg_match("/^[a-zA-Z0-9]*$/", $username)){
        header("Location: ../register.php?error=invalidusername&name=".$name."email=".$email."&city=".$city."&age=".$age);
        exit();
    }
    elseif($pwd!=$rpwd){
        header("Location: ../register.php?error=passwordcheck&username=".$uname."name=".$name."&email=".$email."&city=".$city."&age=".$age);
        exit();
    }
    else{
        $sql1 = "select * from users where uname=?";
        $sql2 = "select * from users where email=?";

        $stmt1 = mysqli_stmt_init($conn);
        $stmt2 = mysqli_stmt_init($conn);

        if(!mysqli_stmt_prepare($stmt1,$sql1) && !mysqli_stmt_prepare($stmt2,$sql2)){
            header("Location: ../register.php?error=sqlerror");
            exit();
        }
        else{
            mysqli_stmt_bind_param($stmt1,"s",$uname);
            mysqli_stmt_bind_param($stmt2,"s",$email);

            mysqli_stmt_execute($stmt1);
            mysqli_stmt_execute($stmt2);

            mysqli_stmt_store_result($stmt1);
            mysqli_stmt_store_result($stmt2);

            $resultcheck1=mysqli_stmt_num_rows($stmt1);
            $resultcheck2=mysqli_stmt_num_rows($stmt2);

            if($resultcheck2>0){
                header("Location: ../register.php?error=registeredemail");
                exit();
            }
            elseif($resultcheck1>0){
                header("Location: ../register.php?error=usernametaken");
                exit();
            }
            else{
                $sql="insert into users values(?,?,?,?,?,?,?,?)";
                $stmt=mysqli_stmt_init($conn);
                if(!mysqli_stmt_prepare($stmt,$sql)){
                    header("Location: ../register.php?error=sqlerror");
                    exit();
                }
                else{
                    $hpass = password_hash($pwd, PASSWORD_DEFAULT);
                    mysqli_bind_param($stmt,"ssssssss",$uname,$name,$email,$hpass,$city,$age,$gender,$courses);
                    mysqli_stmt_execute($stmt);

                    session_start();
                    $_SESSION['uid']=$uname;

                    header("Location: ../index.php");
                    exit();
                }
            }
        }
    }
    }
    else
    {
    header("Location: ../index.php");
    exit();
    }
?>

Warning: mysqli_stmt_bind_param(): invalid object or resource mysqli_stmt in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php on line 50

Warning: mysqli_stmt_execute(): invalid object or resource mysqli_stmt in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php on line 53

Warning: mysqli_stmt_store_result(): invalid object or resource mysqli_stmt in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php on line 56

Warning: mysqli_stmt_num_rows(): invalid object or resource mysqli_stmt in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php on line 59

Fatal error: Uncaught Error: Call to undefined function mysqli_bind_param() in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php:78 Stack trace: #0 {main} thrown in C:\\xampp\\htdocs\\php\\responsive_website\\includes\\signup.inc.php on line 78

1 answers

solution1
 1 ACCPTED  2019-01-03 20:45:31

Your problem is that you are only exiting if both prepares (of $stmt1 and $stmt2 ) fail, where you should exit if either of them fail. Change this line:

if(!mysqli_stmt_prepare($stmt1,$sql1) && !mysqli_stmt_prepare($stmt2,$sql2)){

to

if(!mysqli_stmt_prepare($stmt1,$sql1) || !mysqli_stmt_prepare($stmt2,$sql2)){

You should also use mysqli_error() to find out why the prepare failed, perhaps adding that to the location you redirect to eg

header("Location: ../register.php?error=sqlerror&msg=" . urlencode(mysqli_error($conn)));

Your other problem is that you have a typo, mysqli_bind_param should be mysqli_stmt_bind_param on line 78.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cannot Figure out Procedural MySQL Prepared Statement error using PHP PHP Procedural Prepared Statement for Mysqli Multi Query Cannot pass parameter by reference PHP prepared statement problem Problem with UPDATE prepared statement in PHP PHP PDO Update prepared statement problem Strange Results from MySQLi Prepared Statement With Wildcard (Procedural) populating my dropdown menu using procedural prepared statement mysqli_num_rows fails with prepared statement , procedural style PHP prepared statement within a prepared statement PHP MySQL prepared statement in a prepared statement
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM