mysqli_stmt_bind_param(): error when trying to register

[ciresuark]

Hello, I have a registration page requesting simple information (first name, last name, email and password). When I click my 'register' button I receive the following errors:

Warning: mysqli_stmt_bind_param(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 45

Warning: mysqli_stmt_execute(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 47

Warning: mysqli_stmt_affected_rows(): invalid object or resource mysqli_stmt in C:\xampp\htdocs\login\process-register-page.php on line 48

Below is most of the code where I experience issues. The lines called out are: 

     mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted

if (empty($errors)) { // If everything's OK.
        // Register the user in the database...
        // Hash password current 60 characters but can increase
            $hashed_passcode = password_hash($password1, PASSWORD_DEFAULT);
               require ('msqli_connect.php'); // Connect to the db.
               // Make the query:
               $query = "INSERT INTO users (userid, first_name, last_name, ";
               $query .= "email, password, registration_date) ";
               $query .="VALUES(' ', ?, ?, ?, ?, NOW() )";
        $q = mysqli_stmt_init($dbcon);
        mysqli_stmt_prepare($q, $query);
        // use prepared statement to ensure that only text is inserted
        // bind fields to SQL Statement
        mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted
               header ("location: register-thanks.php");
               exit();
         } else { // If it did not run OK.
               // Public message:
               $errorstring =
               "<p class='text-center col-sm-8' style='color:red'>";
               $errorstring .=
               "System Error<br />You could not be registered due ";
               $errorstring .=
               "to a system error. We apologize for any inconvenience.</p>";
               echo "<p class=' text-center col-sm-2'
               style='color:red'>$errorstring</p>";
               // Debugging message below do not use in production
               //echo '<p>' . mysqli_error($dbcon) . '<br><br>Query: ' .
                  $query . '</p>';
               mysqli_close($dbcon); // Close the database connection.
               // include footer then close program to stop execution
               echo '<footer class="jumbotron text-center col-sm-12"
                   style="padding-bottom:1px; padding-top:8px;">
             include("footer.php");
             </footer>';
               exit();
               }
        } else { // Report the errors.
               $errorstring =
                 "Error! <br /> The following error(s) occurred:<br>";
           foreach ($errors as $msg) { // Print each error.
                       $errorstring .= " - $msg<br>\n";
           }
           $errorstring .= "Please try again.<br>";
           echo "<p class=' text-center col-sm-2'
               style='color:red'>$errorstring</p>";
           }// End of if (empty($errors)) IF.
           }
   catch(Exception $e) // We finally handle any problems here
   {
     // print "An Exception occurred. Message: " . $e->getMessage();
     print "The system is busy please try later";
   }
   catch(Error $e)
   {
      //print "An Error occurred. Message: " . $e->getMessage();
      print "The system is busy please try again later.";
   }
?>

I have done some searching around to try and figure out the issue; but I can't seem to put my finger on it. This is a new database, and I haven't been able to get test registered as of yet. Any help would be appreciated.

Thank you

[ginerjm]

Where do declare the object that you created when you connected to the db?  Each of these calls needs to be attached to something.  RT(F)M.  You should be showing the connection call as well as the prepare call.

Edited March 2, 2020 by ginerjm

[ciresuark]

Here is the start of the script.

     mysqli_stmt_bind_param($q, 'ssss', $first_name, $last_name, $email, $hashed_passcode);
        // execute query
        mysqli_stmt_execute($q);
        if (mysqli_stmt_affected_rows($q) == 1) {    // One record inserted

There is a separate PHP file called out at the top of the original post: require ('msqli_connect.php');

Hope that answers the question. 

[ginerjm]

Again - where is the start.  Still don't see where you make your connect or do your prepare.  If you READ the manual you would see that you need to have that 'handle' to use in these functions and I don't see where you have done that.

You should have 

$link = mysqli_connect(......);

and 

$q = "select ..........";

$stmt = mysqli-prepare($link, $q);

 

which are then followed by:

mysqli_stmt_bind_param($stmt,..........)

mysqli_stmt_execute($stmt);

See?

(This is all taken from the manual)

[ciresuark]

My apologies. The primary connection is made in the mysql_connect.php file. 

<?php
// Create a connection to the logindb database.
// Set the encoding and the access details as constants:
Define ('DB_USER', '***');
Define ('DB_PASSWORD', '***');
Define ('DB_HOST', '***');
Define ('DB_NAME', '***');
// Make the connection:
$dbcon = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_set_charset($dbcon, 'utf8');
?>

I'm looking at the manual (https://www.php.net/mysqli_error). Were you pulling this information from another section? I would like to learn, and find resources to check first prior to posting. Just trying to get my bearings. I just started PHP a few weeks ago.

[mac_gyver]

your code has no error handling for the database statements that can fail - connection, query, prepare, and execute. as a result of this, you are getting follow-on php errors, that are not where the real problem is at, because the code continues to run when one of these database statements fail.

the simplest way of adding error handling for these database statements is to use exceptions for errors and in most cases let php catch and handle the exception, where it will use its error related settings to control what happens with the actual error information (database statement errors will 'automatically' get logged or displayed the same as php errors.) the exception to this rule is when inserting/updating user supplied data and you need to detect duplicate or out of range values. in this case, you code would catch the exception, detect if the error number is for something that your code can handle, then setup a message telling the user what was wrong with the data that they submitted.

to use exceptions for errors for the mysqli extension, add the following line of code before the point where you make your database connection -

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

next, if you switch to the much simpler and more consistent PDO extension, over half of the php statements will go away and there's also no good reason to be concatenating multiple lines together when building the sql query statement or html content. 

Edited March 2, 2020 by mac_gyver