vishalonne Posted October 7, 2012 Share Posted October 7, 2012 Hi Every Body I am facing problem in retreving the data from my mysql table I want to use prepared statement with mysqli for security reason. Here is my code Please give a guidance - <?php $host="localhost"; // Host name $username="**********"; // Mysql username $password="**********"; // Mysql password $db_name="**********"; // Database name $tbl_name1="**********"; // tem Table name $tbl_name2="**********"; // registered user table $mysqli = new mysqli($localhost, $username, $password, $db_name); if ($mysqli->connect_errno) { echo "Connection Failed: " . mysqli_connect_errno(); exit(); } $count=null; $passkey=$_GET['passkey']; echo $passkey; // exact passkey printed if($stmt = $mysqli -> prepare("SELECT * FROM $tbl_name1 WHERE confirm_code=?")) { $stmt -> bind_param("s", $passkey); $stmt -> execute(); $stmt->store_result(); $count=$stmt->num_rows; echo "\n".$count; // getting the value 1 which is correct if($count==1) { while($rows = $stmt->fetch_assoc()) { $v_fname=$rows['temp_first_name']; $v_lname=$rows['temp_last_name']; $v_sex=$rows['temp_sex']; $v_phone=$rows['temp_phone']; $v_city=$rows['temp_state']; $v_state=$rows['temp_city']; $v_pin=$rows['temp_pin']; $v_schoolname=$rows['temp_school_name']; $v_class=$rows['temp_class']; $v_subject=$rows['temp_computer_subject']; $v_board=$rows['temp_board']; $v_session=$rows['temp_session']; $v_email=$rows['temp_email']; $password=$rows['temp_password']; $v_salt=$rows['temp_salt']; if (!($insert_stmt = $mysqli->prepare("INSERT INTO $tbl_name2 (first_name,last_name,sex,phone,state,city,pin,school_name,class,computer_subject,board, session,email,password,salt) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"))) { echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if(!$insert_stmt->bind_param('sssiiisssssssss',$v_fname,$v_lname,$v_sex,$v_phone,$v_city,$v_state,$v_pin, $v_schoolname,$v_class,$v_subject,$v_board,$v_session,$v_email, $password,$v_salt)) { echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if(!$insert_stmt->execute()) { echo "Execute failed: (" . $mysqli->errno . ") " . $mysqli->error; } else { //echo "Data saved properly"; $flag=1; if($flag==1) { echo "<body bgcolor='#FFFF99'>"; echo "<p align='center'><font color='#008000' size='6' face='Verdana'>"; echo "Congratulation...!! </font>"; echo "</br>"; echo "<font color='e80005' size='5'>Your account has been activated</font>"; if ($stmt = $mysqli->prepare("DELETE FROM $tbl_name1 WHERE confirm_code = ? LIMIT 1")) { $stmt->bind_param("s",$passkey); $stmt->execute(); } } } } } } else { echo "Select Failed: (" . $mysqli->errno . ") " . $mysqli->error; echo "<body bgcolor='#FFFF99'>"; echo "<p align='center'><font color='#e80005' size='6' face='Verdana'>"; echo "SORRY...! </font>"; echo "</br>"; echo "<font color='#e80005' size='5'>Your Confirmation code is not correct</font>"; } $stmt->close(); Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 7, 2012 Share Posted October 7, 2012 When you ask people to help you figure out why errors are occurring, it would be helpful to post the errors also. Quote Link to comment Share on other sites More sharing options...
vishalonne Posted October 7, 2012 Author Share Posted October 7, 2012 Sorry Pikachu Error is - Fatal error: Call to undefined method mysqli_stmt::fetch_assoc() in /home/cbsecpsn/public_html/confirmation.php on line 38 Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 7, 2012 Share Posted October 7, 2012 I rarely use prepared statements, but I think you need to drop the _assoc from it. If I recall, it should be while($rows = $stmt->fetch()) Quote Link to comment Share on other sites More sharing options...
xyph Posted October 7, 2012 Share Posted October 7, 2012 (edited) Probably, because that function doesn't exist? The manual is a necessary reference, you have to learn to check there first http://www.php.net/m...mysqli-stmt.php As to your problem, http://www.php.net/m...-stmt.fetch.php Ninja'd. Edited October 7, 2012 by xyph Quote Link to comment Share on other sites More sharing options...
Barand Posted October 7, 2012 Share Posted October 7, 2012 (edited) fetch_assoc() is a mysqli result object method.http://www.php.net/m...sqli-result.php Edited October 7, 2012 by Barand Quote Link to comment Share on other sites More sharing options...
vishalonne Posted October 7, 2012 Author Share Posted October 7, 2012 @Barand Yes I agree with you. Am I not implementing this function properly, I suppose I am doing some wrong pocedure to implemet it Quote Link to comment Share on other sites More sharing options...
vishalonne Posted October 7, 2012 Author Share Posted October 7, 2012 Thanx for guidence but I'm confused now how to fetch the value from array here I am modifying my code - if($stmt = $mysqli -> prepare("SELECT * FROM $tbl_name1 WHERE confirm_code=?")) { $stmt -> bind_param("s", $passkey); $stmt -> execute(); $stmt->store_result(); $count=$stmt->num_rows; echo "\n".$count; // getting the value 1 which is correct if($count==1) { $rows = $stmt->get_result(); $res=$rows->num_rows; $rows->data_seek($res); [b]// I am not getting link from here HOW CAN I get the value $rows->fetch_assoc());[/b] $v_fname=$rows['temp_first_name']; $v_lname=$rows['temp_last_name']; $v_sex=$rows['temp_sex']; $v_phone=$rows['temp_phone']; Quote Link to comment Share on other sites More sharing options...
jcbones Posted October 7, 2012 Share Posted October 7, 2012 if($stmt = $mysqli -> prepare("SELECT * FROM $tbl_name1 WHERE confirm_code=?")) { $stmt -> bind_param("s", $passkey); //bind param. $stmt -> execute(); //execute the query. $stmt->bind_result($temp_firstname,$temp_lastname,$temp_sex,$temp_phone); //bind results. $rows = $stmt->fetch(); //fetch results. $count=$stmt->num_rows; //count of rows. echo "\n".$count; // getting the value 1 which is correct if($count==1) //if count is equal to 1 { echo $temp_firstname . ', ' . $temp_lastname . ', ' . $temp_sex . ', ' . $temp_phone; //echo the bound variables. } This should work. (should as in this excerpt). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.