Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Oct 2008
    Posts
    255
    Thanks
    113
    Thanked 0 Times in 0 Posts

    The Prepared Statement Is Not Getting Set

    PHP Code:
    <?php

      
    // start the session
      
      
    session_name('uhoh');
      
    session_set_cookie_params(900);
      
    session_start();
      
      
    // require the connection and salt settings
      
      
    require_once("path_to_connection");
      
      require_once(
    "path_to_salt");
      
      
    $conn my_access;
      
      
    // process the form
      
      
    if (array_key_exists('submit'$_POST) && !empty($_POST['submit']))
      {
      
        
    // begin check to see if the fields are set
        
        
    $fields = array
        (
        
          
    // true = required, false = expected
          
          
    'user' => true,
          
    'pwd' => true
          
        
    );
        
        function 
    trim_value(&$value// function from php.net
        
    {
        
          
    $value trim($value);
          
        }
        
        
    // create an empty array for missing elements
        
        
    $missing = array();
        
        foreach (
    $fields as $field => $expected)
        {
        
          if (!isset(
    $_POST[$field]) && $expected)
          {
          
            
    $missing[] = $field;
            
          }
          
          else 
    // clean up
          
    {
          
            if (
    is_array($_POST[$field]))
            {
            
              
    array_walk($_POST[$field], 'trim_value');
              
            }
            
            else
            {
            
              
    $_POST[$field] = trim($_POST[$field]);
              
            }
            
           }
           
         }
         
         if (empty(
    $missing))
         {
         
           
    $username $_POST['user'];
           
    $password $_POST['pwd'];
           
    $password md5($saltmd5($password $salt));
           
           
    $query "SELECT `user_id`, `admin`, `username`, `pwd` FROM `users` WHERE `username` = ? AND `pwd` = ? LIMIT 1";
           
           
           
           
           if (
    $stmt $conn->prepare($query))
           {
           
             
    // bind the parameters
             
             
    $stmt->bind_param('ss'$newUser$newPwd);
             
             
    $newUser $username;
             
    $newPwd $password;
             
             
             
             if (
    $stmt->execute())
             {
             
               
    // bind the results
               
              
    $stmt->bind_result($jID$jAdmin$jName$jPwd);
               
               if (
    $stmt->fetch())
               {
               
                 
    // check to see if he's an Admin
                 
                 
    if ($jAdmin != 1)
                 {
                 
                   
    $notJonathan true;
                   
                   exit;
                   
                 }
                 
                 else
                 {
                 
                   
    $_SESSION['jonathan'] = true;
                   
    $_SESSION['id'] = $jID;
                   
    $_SESSION['name'] = $jName;
                   
                   
    // redirect him
                   
                   
    header("Location: https://uhrebirth.com/staff/death.php");
                   
                 }
                 
               }
               
               else
               {
               
                 
    // could find the data
                 
                 
    $noExistence true;
                 
               }
               
             }
             
             else
             {
             
               
    $noExecution true;
               
             }
             
             
    $stmt->close();
             
           }
           
         }
         
         
    $conn->close();
         
       }
       
     
    ?>
    For some reason, the $stmt variable keeps returning false, And I don't know why. Any ideas?
    Last edited by Joseph Witchard; 11-30-2008 at 06:34 AM.

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Is $conn a typeof MySQLi or MySQLi_Stmt? I assume that $conn is of type mysqli which means you need to create a statement object first with $conn->stmt_init();
    The result can then use the ->prepare method.

    Try that out, post back you're findings, I don't use a lot of MySQLi (except really as if it were MySQL :P)

    Edit:
    I lied; I found the method on the actual MySQLi object.

    Can you post which line in specific it is? I assumed it was this:
    if ($stmt = $conn->prepare($query))
    but can you confirm that please?

    Oh, and I also assumed that you're connection was open. Double check that, it will catch you every time, trust me
    Last edited by Fou-Lu; 11-30-2008 at 07:31 AM.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •