Jump to content

mysqli_stmt_bind_param(): error when trying to register


ciresuark
 Share

Recommended Posts

Hello, I have a registration page requesting simple information (first name, last name, email and password). When I click my 'register' button I receive the following errors:


Warning: mysqli_stmt_bind_param(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 45

Warning: mysqli_stmt_execute(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 47

Warning: mysqli_stmt_affected_rows(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 48

Below is most of the code where I experience issues. The lines called out are: 

     mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted
if (empty($errors)) { // If everything's OK.
        // Register the user in the database...
        // Hash password current 60 characters but can increase
            $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT);
               require ('msqli_connect.php'); // Connect to the db.
               // Make the query:
               $query = "INSERT INTO users (userid, first_name, last_name, ";
               $query .= "email, password, registration_date) ";
               $query .="VALUES(' ', ?, ?, ?, ?, NOW() )";
        $q = mysqli_stmt_init($dbcon);
        mysqli_stmt_prepare($q, $query);
        // use prepared statement to ensure that only text is inserted
        // bind fields to SQL Statement
        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted
               header ("location: register-thanks.php");
               exit();
         } else { // If it did not run OK.
               // Public message:
               $errorstring =
               "<p class='text-center col-sm-8' style='color:red'>";
               $errorstring .=
               "System Error<br />You could not be registered due ";
               $errorstring .=
               "to a system error. We apologize for any inconvenience.</p>";
               echo "<p class=' text-center col-sm-2'
               style='color:red'>$errorstring</p>";
               // Debugging message below do not use in production
               //echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' .
                  $query . '</p>';
               mysqli_close($dbcon); // Close the database connection.
               // include footer then close program to stop execution
               echo '<footer class="jumbotron text-center col-sm-12"
                   style="padding-bottom:1px; padding-top:8px;">
             include("footer.php");
             </footer>';
               exit();
               }
        } else { // Report the errors.
               $errorstring =
                 "Error! <br /> The following error(s) occurred:<br>";
           foreach ($errors as $msg) { // Print each error.
                       $errorstring .= " - $msg<br>\n";
           }
           $errorstring .= "Please try again.<br>";
           echo "<p class=' text-center col-sm-2'
               style='color:red'>$errorstring</p>";
           }// End of if (empty($errors)) IF.
           }
   catch(Exception $e) // We finally handle any problems here
   {
     // print "An Exception occurred. Message: " . $e->getMessage();
     print "The system is busy please try later";
   }
   catch(Error $e)
   {
      //print "An Error occurred. Message: " . $e->getMessage();
      print "The system is busy please try again later.";
   }
?>

I have done some searching around to try and figure out the issue; but I can't seem to put my finger on it. This is a new database, and I haven't been able to get test registered as of yet. Any help would be appreciated.

Thank you

Link to comment
Share on other sites

Where do declare the object that you created when you connected to the db?  Each of these calls needs to be attached to something.  RT(F)M.  You should be showing the connection call as well as the prepare call.

Edited by ginerjm
Link to comment
Share on other sites

Here is the start of the script.

     mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted

There is a separate PHP file called out at the top of the original post: require ('msqli_connect.php');

Hope that answers the question. 

Link to comment
Share on other sites

Again - where is the start.  Still don't see where you make your connect or do your prepare.  If you READ the manual you would see that you need to have that 'handle' to use in these functions and I don't see where you have done that.

You should have 

$link = mysqli_connect(......);

and 

$q = "select ..........";

$stmt = mysqli-prepare($link, $q);

 

which are then followed by:

mysqli_stmt_bind_param($stmt,..........)

mysqli_stmt_execute($stmt);

See?

(This is all taken from the manual)

Link to comment
Share on other sites

My apologies. The primary connection is made in the mysql_connect.php file. 

<?php
// Create a connection to the logindb database.
// Set the encoding and the access details as constants:
Define ('DB_USER', '***');
Define ('DB_PASSWORD', '***');
Define ('DB_HOST', '***');
Define ('DB_NAME', '***');
// Make the connection:
$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_set_charset($dbcon, 'utf8');
?>

I'm looking at the manual (https://www.php.net/mysqli_error). Were you pulling this information from another section? I would like to learn, and find resources to check first prior to posting. Just trying to get my bearings. I just started PHP a few weeks ago.

Link to comment
Share on other sites

your code has no error handling for the database statements that can fail - connection, query, prepare, and execute. as a result of this, you are getting follow-on php errors, that are not where the real problem is at, because the code continues to run when one of these database statements fail.

the simplest way of adding error handling for these database statements is to use exceptions for errors and in most cases let php catch and handle the exception, where it will use its error related settings to control what happens with the actual error information (database statement errors will 'automatically' get logged or displayed the same as php errors.) the exception to this rule is when inserting/updating user supplied data and you need to detect duplicate or out of range values. in this case, you code would catch the exception, detect if the error number is for something that your code can handle, then setup a message telling the user what was wrong with the data that they submitted.

to use exceptions for errors for the mysqli extension, add the following line of code before the point where you make your database connection -

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

next, if you switch to the much simpler and more consistent PDO extension, over half of the php statements will go away and there's also no good reason to be concatenating multiple lines together when building the sql query statement or html content. 

Edited by mac_gyver
Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.