Search the Community
Showing results for tags 'prepare'.
-
I have this at the top of my index.php: <?php session_start(); // start of script every time. // setup a path for all of your canned php scripts $php_scripts = '/home/larry/web/test/php/'; // a folder above the web accessible tree // load the pdo connection module require $php_scripts . 'PDO_Connection_Select.php'; require $php_scripts . 'GetUserIpAddr.php'; //******************************* // Begin the script here $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone")): { echo "Failed to connect to database" ; exit; } else: { $stmt = $pdo->prepare("INSERT INTO 'download' ('IP_ADDRESS', 'FILENAME') VALUES (?, ?"); $stmt->bindParam(1, $ip); $stmt->bindParam(2, $filename); $stmt->execute(); } endif; //exit(); ?> I'm getting the following error at the $pdo->prepare line: Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''download' ('IP_ADDRESS','FILENAME') VALUES (?, ?' at line 1 in /home/larry/web/test/public_html/index2.php:23 Stack trace: #0 /home/larry/web/test/public_html/index2.php(23): PDO->prepare('INSERT INTO 'do...') #1 {main} thrown in /home/larry/web/test/public_html/index2.php on line 23 I verified the format of the statement at https://www.w3schools.com/php/php_mysql_prepared_statements.asp but am unsure if it needs to be in the PDO_Connection_Select.php, or it belongs where I have it since the db is already connected.
-
im using the following to get get the followers of currently viewing user, but when i run this code , it gives me over 20000 times same username which is the only one who following that user ; really need help my head is not working ,,, i have tried to use inner join but not working (or i don't know how to make it work). code : <?php $stmt = $mysqli->prepare("SELECT follow_id from follow_user WHERE id= ?"); $stmt->bind_param('s', $viewuser); // Bind "$user_id" to parameter. $stmt->execute(); // Execute the prepared query. $stmt->store_result(); $stmt->bind_result($follow_id); // get variables from result. while($stmt->fetch()) { $stmt = $mysqli->prepare("SELECT id,username,profilepic from members WHERE id= ? LIMIT 1"); $stmt->bind_param('s', $follow_id); // Bind "$user_id" to parameter. $stmt->execute(); // Execute the prepared query. $stmt->store_result(); if($stmt->num_rows == 1) { $stmt->bind_result($id,$followusername,$followpic); // get variables from result. } ?> <?php echo $followusername; ?> <?php } ?>
-
I am changing my test code from mysqli to PDO. It worked for one of my forms but the other I racking my brain as to why it isn't. I have stripped it down, found a few typos but array 0000 error is occurring and I am unsure how to resolve it. Can you help? James connection $dbtype = "mysql"; $dbhost = "localhost"; $dbname = "mydb1"; $dbuser = "myusr1"; $dbpass = "mp1"; try { // database connection $conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass); $conn -> exec('SET CHARACTER SET utf8'); } catch(PDOException $e) { echo 'There was a problem'; } php $sql = "UPDATE catalogue SET title=:title, manufacturer=:manufacturer WHERE id=:id"; $q = $conn->prepare($sql); $q->bindParam(':id',$_POST['id'], PDO::PARAM_INT); $q->bindParam(':title',$_POST['title'], PDO::PARAM_STR); $q->bindParam(':manufacturer',$_POST['manufacturer'], PDO::PARAM_INT); if ($q->execute()){ echo "Saved successfully"; } else { echo "<br/> Crap, something went wrong <br/>"; //just for testing echo $sql." <br/>"; print_r($_POST); print_r($conn->errorCode()); echo "<br/>"; print_r($conn->errorInfo()); echo "<br/>"; } output Crap, something went wrong UPDATE catalogue SET title=:title, manufacturer=:manufacturer WHERE id=:id Array ( [title] => Madinoz Pty Ltd [manufacturer] => 71 [media_id] => 1 [category_id] => 17 [subcategory_id] => Please Select [notes] => This is some text. [keywords] => Hardware, Handles, Hooks, Rails, Fittings, [save] => Save [id] => 2 ) 00000 Array ( [0] => 00000 [1] => [2] => )
-
HI, I am building a PHP and Mysqli based shopping cart for my UNI project. I have been using prepared statements for everything so far and they work great. However I have hit my first problem. I cannot seem to insert data into the database using a prepared statement. I have written a function that first checks to see if a product already exists. this works well and if that product does not exist it should run the prepared stmt and insert the data. However it is skipping over the insert part and going straight to the 'else' section of the 'if' stating that a product could not be uploaded. Here is the function that is not working. As before the first part works well, just have a problem when it actually comes to add the product. function addProduct($productName, $productPrice, $productCategory, $productShortDesc, $productLongDesc, $productShipping, $productQTY) { //Check if item already exists $qry = "Select id FROM products WHERE name = ? LIMIT 1"; if ($stmt = $this->conn->prepare($qry)) { $stmt->bind_param('s', $productName); $stmt->execute(); $stmt->bind_result($p_id); if($stmt->fetch()) { echo "Sorry. That product already exists."; exit(); } else { $qry2 = ("INSERT INTO products (name, short_desc, long_desc, category, price, shipping, qty) VALUES('$productName', '$productShortDesc', '$productLongDesc', '$productCategory', '$productPrice','$productShipping', '$productQTY'"); if ($stmt = $this->conn->prepare($qry2)) { //Add item to DB $stmt->execute(); $stmt->insert_id; //Place image in folder $newname = "$pid.jpg"; move_uploaded_file($FILES['fileField']['tmp_name'], "../product_images/$newname"); } else { echo "Error adding new product, Please check all details and try again."; } } } } Regards Chris
-
<?php /* create a prepared statement */ if ($stmt = $mysqli->prepare("INSERT INTO userregistry (email,password11,firstname,lastname,contact,sex,dob,active,date) VALUES (?,?,?,?,?,?,?,?,?)")) { /* bind parameters for markers */ $stmt->bind_param("sssssssss", $email , $hash, $firstname , $secondname , $contact , $sex ,$dob , $active , $date); /* execute query */ $stmt->execute(); /* bind result variables */ $stmt->bind_result($email,$hash,$firstname,$secondname,$contact,$sex,$dob,$active,$date); $stmt->fetch(); /* close statement */ $stmt->close(); } /* close connection */ $mysqli->close(); ?> Well this is the code I've written to enter the above fields into a DB I keep getting the error Warning: mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in D:\xampp\htdocs\bullet2\sqlienterintodb.phpon line 15 Any ideas ??