Jump to content


Photo

Call to a member function bind_param() on boolean ERROR

php mysql

  • Please log in to reply
9 replies to this topic

#1 Zeehamster

Zeehamster
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 30 July 2017 - 07:07 PM

I have a error and i dont know how to fix it:

 

 

ERROR:

[Sun Jul 30 20:44:28.030608 2017] [proxy_fcgi:error] [pid 1222:tid 140689320777472] [] AH01071: Got error 'PHP message: PHP Fatal error: Call to a member function bind_param() on boolean in /home/timavnl/domains/tim-av.nl/public_html/6628/job/login_1.php on line 26\n', referer: http://tim-av.nl/6628/job/index.php

 

PHP CODE (LOGIN1.PHP):

<?php
    include("dbcon.php");
    include("functions.php");
 
    $username = $_POST['username'];
    $password = $_POST['password'];
 
if ( $username == "" || $password == "" ) {
    echo "Gebruikersnaam en Wachtwoord moeten ingevuld zijn!";
   } else {
    if ( hasInvalidCharacters($username) ) {
    echo "Gebruikersnaam kan alleen letters bevatten [a-z A-Z]";
    } else {
 
    $sql = "
       SELECT
           password
       FROM
           timavnl_1
       WHERE
           username = ?
       LIMIT 1;
    ";
 
    $stmt = $mysqli->prepare($sql);
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($hashedPw);
 
    $stmt-> fetch();
    if ( crypt($password, $hashedPw) == $hashedPw ) {
 
    echo "Wachtwoord komt overeen";
 
    } else {
 
    echo "Wachtwoord komt NIET overeen";
 
    }
   }
}
 
 

 

?>
 
FUNCTIONS.PHP
<?php
    
    function hasInvalidCharacters($text) {
    return (bool) preg_match('/[äöüß "!§$%&\/()=[\]\?.:,;\-_]/x', $text);
 
    }
 
 
    function encrypt($input, $rounds = 12) {
 
    $salt = "";
 
    $saltChars = array_merge(range('A','Z'), range('a','z'), range('0','9'));
    for ($i = 0; $i < 22; $i++) {
    $salt .= $saltChars[array_rand($saltChars)];
 
    }
 
    return crypt($input, sprintf('$2y$%02d$', $rounds) . $salt );
 
 
}
 
?>
 
 
Greetings,
Job.

 



#2 requinix

requinix
  • Administrators
  • Impoverished Administrator
  • 9,873 posts
  • LocationWA

Posted 30 July 2017 - 07:43 PM

It means your query
 $sql = "
       SELECT
           password
       FROM
           timavnl_1
       WHERE
           username = ?
       LIMIT 1;
    ";
is invalid. Perhaps the table does not exist?
"Basically, I think the general rule of thumb is: if someone really wants the blood that's inside of your body, and they're like a vampire, or a dracula, or some sort of man-squito, then that's probably okay. A dracula and a man-squito are made for removing things like blood and swords from inside your body. That's basically fine. If something wants to get at your blood and they're, say, some kind of murdersaurus, or maybe a really big frog, that's where the problems start to arise. A really big frog is not made for removing blood, and your blood knows this, which is why it is so vehement about wanting to stay in your body instead of coming out. Unfortunately this will not deter a really big frog because a really big frog is full of things like prizes, and value, and quite a lot of hatred, and it would really rather like to replace any and all of those things with your blood, and basically by any means possible." --slumbermancer

#3 Zeehamster

Zeehamster
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 30 July 2017 - 08:08 PM

It means your query

 $sql = "
       SELECT
           password
       FROM
           timavnl_1
       WHERE
           username = ?
       LIMIT 1;
    ";
is invalid. Perhaps the table does not exist?

 

 

I changed it to:

 

FROM

          timavnl_1.gebruikers

 

still the same error..

Here is a picture of the database:

http://prntscr.com/g28net



#4 requinix

requinix
  • Administrators
  • Impoverished Administrator
  • 9,873 posts
  • LocationWA

Posted 30 July 2017 - 08:47 PM

What does $stmt->error show?
"Basically, I think the general rule of thumb is: if someone really wants the blood that's inside of your body, and they're like a vampire, or a dracula, or some sort of man-squito, then that's probably okay. A dracula and a man-squito are made for removing things like blood and swords from inside your body. That's basically fine. If something wants to get at your blood and they're, say, some kind of murdersaurus, or maybe a really big frog, that's where the problems start to arise. A really big frog is not made for removing blood, and your blood knows this, which is why it is so vehement about wanting to stay in your body instead of coming out. Unfortunately this will not deter a really big frog because a really big frog is full of things like prizes, and value, and quite a lot of hatred, and it would really rather like to replace any and all of those things with your blood, and basically by any means possible." --slumbermancer

#5 mac_gyver

mac_gyver
  • Staff Alumni
  • Staff Alumni
  • 4,148 posts

Posted 30 July 2017 - 09:02 PM

^^^ actually, $stmt->anything won't work because $stmt is a Boolean false. depending what's in  $mysqli (if not an already closed mysqli connection),  echoing $mysqli->error may provide some helpful information.


multi-purpose programming fool. well written source-code should be self-documenting. well written code should be self-troubleshooting.

#6 Zeehamster

Zeehamster
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 30 July 2017 - 09:04 PM

What does $stmt->error show?

 

I cant see the error because of the PHP ERROR 500

 

If i dont fill in any login credentials at the index.php i get a warning screen with: You need to fill in username & password

 

So the error is only showing up when i fill in the password wich is encrypted with $salt.


Edited by Zeehamster, 30 July 2017 - 09:09 PM.


#7 gizmola

gizmola
  • Administrators
  • Advanced Member
  • 4,722 posts
  • LocationLos Angeles, CA USA

Posted 30 July 2017 - 09:13 PM

Look in your web & php log(s). The error should be logged somewhere.

#8 Zeehamster

Zeehamster
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 30 July 2017 - 09:29 PM

Look in your web & php log(s). The error should be logged somewhere.

[Sun Jul 30 23:29:18.017047 2017] [proxy_fcgi:error] [pid 21373:tid 140689698318080] [client ip] AH01071: Got error 'PHP message: PHP Fatal error: Call to a member function bind_param() on boolean in /home/timavnl/domains/tim-av.nl/public_html/6628/job/login_1.php on line 26\n', referer: http://tim-av.nl/6628/job/index.php

 

This is the only error im getting in my Web error log



#9 requinix

requinix
  • Administrators
  • Impoverished Administrator
  • 9,873 posts
  • LocationWA

Posted 30 July 2017 - 09:34 PM

^^^ actually, $stmt->anything won't work because $stmt is a Boolean false.

Er, right, wrong variable. Whichever one is the mysqli object.
"Basically, I think the general rule of thumb is: if someone really wants the blood that's inside of your body, and they're like a vampire, or a dracula, or some sort of man-squito, then that's probably okay. A dracula and a man-squito are made for removing things like blood and swords from inside your body. That's basically fine. If something wants to get at your blood and they're, say, some kind of murdersaurus, or maybe a really big frog, that's where the problems start to arise. A really big frog is not made for removing blood, and your blood knows this, which is why it is so vehement about wanting to stay in your body instead of coming out. Unfortunately this will not deter a really big frog because a really big frog is full of things like prizes, and value, and quite a lot of hatred, and it would really rather like to replace any and all of those things with your blood, and basically by any means possible." --slumbermancer

#10 Jacques1

Jacques1
  • Members
  • PipPipPip
  • Turtles all the way down
  • 4,224 posts

Posted 30 July 2017 - 10:01 PM

Before you do anything, you need to actually learn how to use mysqli – or even better: switch to PDO. mysqli isn't the kind of extension which “just works” as long as the code vaguely makes sense. It's a hard-core low-level interface for people who carefully read the manual and spend a lot of time getting every detail right. Let's be honest here: That's not how you operate.

 

If, for some crazy reason, you want to use mysqli nonetheless, then the first thing you need to learn is error handling. You can't just assume that methods never fail. As you just saw, they do. That means you either have to check – every – single – return value. Or you must enable exceptions. If you enable exceptions, do not catch them. I know PHP programmers have the strange urge to wrap everything in try-catch statements and print error messages on the screen. But exceptions should usually be left alone.

 

That crypt() stuff you've copied and pasted from the Internet is also messed up. Again: Read the manual. It explicitly tells you to use the Password Hash API. Like mysqli, crypt() is a low-level interface not intended for the average programmer. And it's even harder to use.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users