eMonk

I'm trying this now but still getting an error: Fatal error: Call to undefined method mysqli_stmt::get_result() $result_1 = $qry1->get_result(); I'm new to mysqli prepared statements been reading about it online and in my php book but can't seem to figure this part out?

What am I doing wrong in the code below? $qry1 = $db->prepare("SELECT id FROM user WHERE username = ? AND password = ?"); $qry1->bind_param('ss', $_GET['username'], sha1($_GET['password'])); $qry1->execute(); $db->bind_result($result_1); Fatal error: Call to undefined method mysqli::bind_result()

Ah, I believe I understand it now. The use of bind_param is for the values stored within a table. Thanks!

I want to switch to mysqli_prepared statements but have a question before I start. example 1 $query = $mysqli->prepare('SELECT * FROM users WHERE username = ?'); $query->bind_param('s', $_GET['username']); $query->execute(); example 2 $query = $mysqli->prepare("SELECT * FROM users WHERE username = 'Rick' "); $query->execute(); Is bind_param always necessary and why, for security reasons?

The emails being sent out are notifications that their accounts have been approved along with their login and password. I don't want the people in the BCC recipients list to see all addresses in the list. So, emailing users separating in the foreach loop would be best for this?

Would it be better not to mail and loop or to create a BCC list by imploding the recipients list and send them out in one single blast?

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Control Panel</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="../style.css" rel="stylesheet" type="text/css"> </head> <body class="text"> <h1>Pending Ads</h1> <form action="" method="post"> <?php include("../includes/connect.php"); $query_1 = "SELECT id, name, last_updated FROM model WHERE status = 'Pending' ORDER BY last_updated DESC"; $result_1 = $db->query($query_1); $num_results = $result_1->num_rows; echo "<p>Number of results found: ".$num_results."</p>"; for ($i=0; $i <$num_results; $i++) { $row = $result_1->fetch_assoc(); $id = $row['id']; $name = $row['name']; $date = $row['last_updated']; echo "<hr>"; echo "<table width=\"450\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">"; echo "<tr>"; echo "<td><input name=\"checkbox[]\" type=\"checkbox\" id=\"checkbox[]\" value=\"".$id."\"></td>"; echo "<td>"; echo "<b>id:</b> $id<br>"; echo "<b>name:</b> $name<br>"; echo "<b>date:</b> $date<br>"; echo "<a href=\"update.php?id=$id\" target=\"_blank\">Edit</a>"; echo "</td>"; echo "</tr>"; echo "</table>"; } ?> <p><hr><input type="submit" name="approve" value="Approve"> <input type="submit" name="delete" value="Delete"></p> <?php include('../pear/Mail-1.2.0b1/Mail.php'); $error = 0; if (isset($_POST['approve']) && $num_results > 0) { foreach ($_POST['checkbox'] as $index => $val) { $query_2 = "SELECT account_id, name, email, DATE_FORMAT(expiry_date, '%b %e, %Y') AS expiry_date_formatted FROM model WHERE id = $val AND status = 'Pending' "; $result_2 = $db->query($query_2); $list = $result_2->fetch_assoc(); $account_id = $list['account_id']; $query_3 = "UPDATE model SET status = 'Active' WHERE id = $val AND status = 'Pending' "; $result_3 = $db->query($query_3); $password = substr(md5(uniqid(rand(),1)),rand(0,21),; $query_4 = "UPDATE member SET password = sha1('$password') WHERE model_id = $val AND account_id = $account_id "; $result_4 = $db->query($query_4); // This part isn't sending out emails $recipients = "".$list['email'].""; $headers['From'] = "[email protected]"; $headers['To'] = "".$list['email'].""; $headers['Subject'] = "Hello Hello Hello!"; $body = "Hi ".$list['name'].",\n\n" . "Account Number: ".$list['account_id']."\n\n" . "Password: ".$password."\n\n" . "Expiry Date: ".$list['expiry_date_formatted']."\n\n" . "Regards,\n" . "Admin"; $params['sendmail_path'] = "/usr/lib/sendmail"; // Create the mail object using the Mail::factory method $mail_object =& Mail::factory('sendmail', $params); $mail_object->send($recipients, $headers, $body); } } if ($result_1 && $result_2 && $result_3 && $result_4 && $error == 0) { echo "<meta http-equiv=\"refresh\" content=\"0;URL=pending-ads.php\">"; } ?> </form> </body> </html> Everything seems to be working except the email portion. Any ideas?