Search Results

Search found 316 results on 13 pages for 'mysqli'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/13 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • MySQLi insert into prepare error

    - by JPM
    Hi I inserted a lot of stuff into a mysql databse. But now I get an error in the prepare statement. I see Database prepare error. What am I doing wrong? This is my Code: $sql = "INSERT INTO Contact (IP,To,Name,Email,Subject,Text) VALUES ( ?, ?, ?, ?, ?, ? ) "; if (!$stmt = $db->prepare($sql)) { echo 'Database prepare error'; exit; } $stmt->bind_param('ssssss', $ip_contact, $to_contact, $name_contact, $email_contact, $subject_contact, $text_contact); if (!$stmt->execute()) { echo 'Database execute error'; exit; } $stmt->close(); My SQL table looks like this: Contact: - ID int(11) auto_increment primary key - IP varchar(15) - To varchar(5) - Name varchar(20) - Email varchar(20) - Subject varchar(20) - Text varchar(600)

    Read the article

  • Infinite sharing system (PHP/MySQLi)

    - by Toine Lille
    I'm working on a discount system for whichever customer shares a product and brings in new customers. Each unique visit = $0.05 off, each new customer = $0.50 off (it's a cheap product so yeah, no big numbers). When a new customer shares the site, the customer initially responsible for the new customer (if any) will get half of the new customer's discount as well. The initial customer would get a fourth for the next level and the new customer half of that, etc, creating a tree or pyramid that way that could be infinite. Initial customer ($1.35 discount: 2 new+3 visits + half of 1 new+2 visits) Visitor ($0) Visitor ($0) New customer ($0.60) Visitor ($0) Visitor ($0) Newer customer ($0) New customer ($0) Visitor ($0) The customers are saved along with their IP addresses (bin2hex(inet_pton)) in a database table (customers) with info like a unique id, e-mail address and first date/time the purchased a product (= time of registration). The shares are saved in a separate table within the same database (sharing). Each unique IP addresses that visits the site creates a new row featuring the IP address (also saved as bin2hex(inet_pton)), the id of the customer who shared it and the date/time of the visit. Sharing goes via URL, featuring a GET element containing the customer's id. Visits and new customers overlap, as visits will always occur before the new customer does. That's fine. The date/times are used just to make it a little more secure (I also use the IP along with cookies to see if people cheat the system). If an IP is already in the sharing or customer tables, it does not count and will not create a new entry. Now the problem is, how to make the infinity happen and apply the different values to it? That's all I'd need to know. It needs to calculate the discount for each customer separately, but also allow for monitoring altogether (though that's just a matter of passing all ID's through it). I figured I'd start (after the database connection) with $stmt = $con->prepare('SELECT ip,datetime FROM sharing WHERE sender=?'); $stmt->bind_param('i',$customerid); $stmt->execute(); $stmt->store_result(); $discount = $discount + ($stmt->num_rows * 0.05); $stmt->bind_result($ip,$timeofsharing); to translate all the visits to $0.05 of discount each. To check for the new customers that came from these visits, I wrote the following: while ($sql->fetch()) { $stmt2 = $con->prepare("SELECT datetime FROM users WHERE ip=?"); $stmt2->bind_param('s',$ip); $stmt2->execute(); $stmt2->store_result(); $stmt2->bind_result($timeofpurchase); Followed by a little more security comparing the datetimes: while ($stmt2->fetch()) { if (strtotime($timeofpurchase) < strtotime($timeofsharing)) { $discount = $discount + $0.50; } But this is just for the initial customer's direct results. If I'd want to check for the next level, I'd basically have to put the exact same check and loop in itself, checking each new customer the initial customer they brought to the site, and then for the next level again to check all of the newer customers, etc, etc. What to do? / Where to go? / What would be the correct practice for this? Thanks!

    Read the article

  • mysqli::query returns true on SELECT statement

    - by Travis Pessetto
    I have an application that reads in one of its classes: public function __construct() { global $config; //Establish a connection to the database and get results set $this->db = new Database("localhost",$config["dbuser"],$config["dbpass"],"student"); $this->records = $this->db->query("SELECT * FROM major") or die("ERROR: ".$this->db->error); echo "<pre>".var_dump($this->records)."</pre>"; } My problem is that var_dump shows that $this->records is a boolean. I've read the documentation and see that the SELECT query should return a result set. This is the only query used by the application. Any ideas where I am going wrong?

    Read the article

  • MySQLi String comparisons using keys

    - by asdasd
    I have a table with lets say 2 columns. id number, and value. Value is a string (var char). Lets say i have a number x, and a list of numbers a1, a2, a3, a4, a5..... where x is not in the list. All of these numbers correspond to a unique row in the table. I want to know if the string value for x in the table is contained in one of the string values for any table entry for a1, a2, a3, a4... Lets say i have these rows: x, aaa a1, bbb a2, ccc a3, ddd a4, aaabbbcc then i want somehow a confirmation that yes, the value for x is included in one of the values in my list of numbers (a4 contains x). I know i can do this in a couple queries and shove it down some PHP and get my answer. But can i do this with one query?

    Read the article

  • Parameter error with Mysqli

    - by Morgan Green
    When I run this Query I recieve Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in /home/morgan58/public_html/wow/includes/index/index_admin.php on line 188 SELECT * FROM characters WHERE id=5 Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in /home/morgan58/public_html/wow/includes/index/index_admin.php on line 194 The Query is running and it is strying to select the correct information, but for on the actual output it's giving me a fetch_array error; if anyone can see where the error lies it'd be much appreciated. Thank you. <?php $adminid= $admin->get_id(); $characterdb= 'characters'; $link = mysqli_connect("$server", "$user", "$pass", "$characterdb"); if (mysqli_connect_errno()) { printf("Connect failed: %s\n", mysqli_connect_error()); exit(); } $query = "SELECT * FROM characters WHERE id=$adminid"; $result = mysqli_query($link, $query); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { echo $query; echo $row['name']; } mysqli_free_result($result); mysqli_close($link); ?>

    Read the article

  • MySQLi - declaring variable after bind_param?

    - by Kerry
    This may be a completely dumb question, but I've seen a couple examples declaring the variables AFTER putting them in bind_param: http://devzone.zend.com/article/686 I've never seen this done before and all my programming knowledge says I should define them before hand. Is this a valid/preferred way?

    Read the article

  • MySQLI Prepared Statement Not Binding Properly

    - by Sev
    Any reason why the following code won't work? $dbconnection = db::getInstance(); //this is a singleton db class $stmt = $dbconnection->prepare("SELECT `id` from `table` where `username`=?"); $stmt->bind_param("s", $username); $stmt->execute(); $stmt->bind_result($uid); $stmt->fetch(); echo $uid; The same connection method is used elsewhere, and it works there. The only difference on that other page where it works, is that there are multiple rows fetched, not just one.

    Read the article

  • MySQLi - Should every statement be prepared?

    - by Kerry
    I know its supposed to improve performance and clean strings, but lets say there are no variables? Might just be a SELECT COUNT( `column` ) AS count FROM `table` Should that be prepared? Is there any case that a SELECT statement should not be prepared?

    Read the article

  • PHP 5.4.9 Mysqli issue

    - by Vitaly
    On Ubuntu 12.04 server I had PHP 5.4.9 installed from the source: ./configure --prefix=/etc/php --with-apxs2=/etc/apache2/bin/apxs --with-config-file-path=/etc/php --with-config-file-scan-dir=/etc/php/conf.d --with-libxml-dir=/usr/local/libxml2 --with-xsl=/usr/local/libxslt --with-mysql --with-zlib --with-pdo-mysql --enable-calendar --with-gd --with-iconv-dir --enable-mbstring --enable-soap --enable-sockets --enable-zip --with-curl --with-openssl --with-kerberos --with-tidy' Then, using apt-get, I had mysql server and phpMyAdmin installed. Unfortunatelly phpMyAdmin keep saying that 'mysqli' and 'mcrypt' not installed. php -m | grep mysqli just confirms it. So I tried to install mysqli with "apt-get install php5-mysqli", but just got message to do it by means of "php5-mysqlnd" or "php5-mysql". Even though they are already installed (according to phpinfo()) I tried - doesn't work. However, in php.ini, there's mysqli staff like "extension=php_mysqli.dll", but no "extension=mysqli.so". And block [MySQLi] with some uncommented settings also present. Since this is my first attempt to build php from source I reckon I did some silly mistake. Any help is greatly appreciated.

    Read the article

  • LAMP setup - phpmyadmin says the mysqli extension is missing (but its listed in phpinfo)

    - by WebweaverD
    I regularly set up virtualbox ubuntu setups to run as local webservers. I have set these up several times and never had an issue. Recently I have been cloning them but wanted to do a fresh install this time in the hopes of fixing some niggling problems which have propagated through my setups. However, something has changed: 1)vb guest additions no longer allow me to copy and paste (i'll worry about that later) 2)more importantly phpmyadmin no longer works as installed - Initially going to localhost/phpmyadmin gave a message that the page could not be found. So I have followed some instructions (sorry I know its vague I cant find them now) which have created a phpmyadmin directory in /var/www but now I get an error saying: the mysqli extension is missing. If I run phpinfo mysql and mysqli are listed. All I have done so far is install apache2 (working) install php5 (which I think used to come with apache) Install mysql server (and client for good measure) and install phpmyadmin I found a post of a similar question which suggested I should install php5-mysql (done) and edit php.ini and uncomment the line extension-mysqli.so - this is not there, so I tried adding it with no joy. I have restarted apache and still no joy on phpmyadmin. Any help is much appreciated as this is driving me nuts. Why the change for the worse - I was just starting to like linux! I'm running a windows 7 machine and the guest os is ubuntu 12.04 - I ran apt-get update before doing anything so all packages should be the latest versions.

    Read the article

  • How to enable mysqli extension on redhat?

    - by nuthan
    My php.ini says: Additional .ini files parsed /etc/php53/php.d/curl.ini, /etc/php53/php.d/fileinfo.ini, /etc/php53/php.d/json.ini, /etc/php53/php.d/mysqli.ini, /etc/php53/php.d/mysql.ini, /etc/php53/php.d/pdo_mysql.ini, /etc/php53/php.d/phar.ini, /etc/php53/php.d/zip.ini mysqli.ini is loaded.. But still i get this, PHP Fatal error: Class 'mysqli' not found i tried enabling dynamic loading and initialize php scripts with dl("mysqli.so"); i also tried recompiling the php source: ./configure --with-mysql=/usr/lib64/mysql --with- mysqli=/usr/lib64/mysql/mysql_config even this didn't work. Can anybody help me solve my problem? Red Hat Enterprise Linux Server release 5 (Tikanga). x86_64 GNU/Linux. No access to RHN. Thanks.

    Read the article

  • Fatal error on a non-object

    - by Chris Leah
    Hey, so I have created a function to check the DB for unique entries, but when I call the function it doesn't seem to work and gives me a fatal error any ideas ? Thanks :) //Check for unique entries function checkUnique($table, $field, $compared) { $query = $mysqli->query('SELECT '.$mysqli->real_escape_string($field).' FROM '.$mysqli->real_escape_string($table).' WHERE "'.$mysqli->real_escape_string($field).'" = "'.$mysqli->real_escape_string($compared).'"'); if(!$query){ return TRUE; } else { return FALSE; } } The page calling it..... //Start session session_start(); //Check if the session is already set, if so re-direct to the game if(isset($_SESSION['id'], $_SESSION['logged_in'])){ Header('Location: ../main/index.php'); }; //Require database connection require_once('../global/includes/db.php'); require_once('../global/functions/functions.php'); //Check if the form has been submitted if (isset($_POST['signup'])){ //Validate input if (!empty($_POST['username']) && !empty($_POST['password']) && $_POST['password']==$_POST['password_confirm'] && !empty($_POST['email']) && validateEmail($_POST['email']) == TRUE && checkUnique('users', 'email', $_POST['email']) == TRUE && checkUnique('users', 'username', $_POST['username']) == TRUE) { //Insert user to the database $insert_user = $mysqli->query('INSERT INTO (`username, `password`, `email`, `verification_key`) VALUES ("'.$mysqli->real_escape_string($_POST['username']).'", "'.$mysqli-real_escape_string(md5($_POST['password'])).'", "'.$mysqli->real_escape_string($_POST['email']).'", "'.randomString('alnum', 32). '"') or die($mysqli->error()); //Get user information $getUser = $mysqli->query('SELECT id, username, email, verification_key FROM users WHERE username = "'.$mysqli->real_escape_string($_POST['username']).'"' or die($mysqli->error())); //Check if the $getUser returns true if ($getUser->num_rows == 1) { //Fetch associated fields to this user $row = $getUser->fetch_assoc(); //Set mail() variables $headers = 'From: [email protected]'."\r\n". 'Reply-To: [email protected]'."\r\n". 'X-Mailer: PHP/'.phpversion(); $subject = 'Activate your account (Music Battles.net)'; //Set verification email message $message = 'Dear '.$row['username'].', I would like to welcome you to Music Battles. Although in order to enjoy the gmae you must first activate your account. \n\n Click the following link: http://www.musicbattles.net/home/confirm.php?id='.$row['id'].'key='.$row['verification_key'].'\n Thanks for signing up, enjoy the game! \n Music Battles Team'; //Attempts to send the email if (mail($row['email'], $subject, $message, $headers)) { $msg = '<p class="success">Accound has been created, please go activate it from your email.</p>'; } else { $error = '<p class="error">The account was created but your email was not sent.</p>'; } } else { $error = '<p class="error">Your account was not created.</p>'; } } else { $error = '<p class="error">One or more fields contain non or invalid data.</p>'; } } Erorr.... Fatal error: Call to a member function query() on a non-object in /home/mbattles/public_html/global/functions/functions.php on line 5

    Read the article

  • What does Apache need to support both mysqli and PDO?

    - by Nathan Long
    I'm considering changing some PHP code to use PDO for database access instead of mysqli (because the PDO syntax makes more sense to me and is database-agnostic). To do that, I'd need both methods to work while I'm making the changeover. My problem is this: so far, either one or the other method will crash Apache. Right now I'm using XAMPP in Windows XP, and PHP Version 5.2.8. Mysqli works fine, and so does this: $dbc = new PDO("mysql:host=$hostname;dbname=$dbname", $username, $password); echo 'Connected to database'; $sql = "SELECT * FROM `employee`"; But this line makes Apache crash: $dbc->query($sql); I don't want to redo my entire Apache or XAMPP installation, but I'd like for PDO to work. So I tried updating libmysql.dll from here, as oddvibes recommended here. That made my simple PDO query work, but then mysqli queries crashed Apache. (I also tried the suggestion after that one, to update php_pdo_mysql.dll and php_pdo.dll, to no effect.) Test Case I created this test script to compare PDO vs mysqli. With the old copy of libmysql.dll, it crashes if $use_pdo is true and doesn't if it's false. With the new copy of libmysql.dll, it's the opposite. if ($use_pdo){ $dbc = new PDO("mysql:host=$hostname;dbname=$dbname", $username, $password); echo 'Connected to database<br />'; $sql = "SELECT * FROM `employee`"; $dbc->query($sql); foreach ($dbc->query($sql) as $row){ echo $row['firstname'] . ' ' . $row['lastname'] . "<br>\n"; } } else { $dbc = @mysqli_connect($hostname, $username, $password, $dbname) OR die('Could not connect to MySQL: ' . mysqli_connect_error()); $sql = "SELECT * FROM `employee`"; $result = @mysqli_query($dbc, $sql) or die(mysqli_error($dbc)); while ($row = mysqli_fetch_array($result,MYSQLI_ASSOC)) { echo $row['firstname'] . ' ' . $row['lastname'] . "<br>\n"; } } What does Apache need in order to support both methods of database query?

    Read the article

  • how to bind parameters correctly in example below in mysqli?

    - by user1421767
    In old mysql code, I had a query below which worked perfectly which is below: $questioncontent = (isset($_GET['questioncontent'])) ? $_GET['questioncontent'] : ''; $searchquestion = $questioncontent; $terms = explode(" ", $searchquestion); $questionquery = " SELECT q.QuestionId, q.QuestionContent, o.OptionType, an.Answer, r.ReplyType, FROM Answer an INNER JOIN Question q ON q.AnswerId = an.AnswerId JOIN Reply r ON q.ReplyId = r.ReplyId JOIN Option_Table o ON q.OptionId = o.OptionId WHERE "; foreach ($terms as $each) { $i++; if ($i == 1){ $questionquery .= "q.QuestionContent LIKE `%$each%` "; } else { $questionquery .= "OR q.QuestionContent LIKE `%$each%` "; } } $questionquery .= "GROUP BY q.QuestionId, q.SessionId ORDER BY "; $i = 0; foreach ($terms as $each) { $i++; if ($i != 1) $questionquery .= "+"; $questionquery .= "IF(q.QuestionContent LIKE `%$each%` ,1,0)"; } $questionquery .= " DESC "; But since that old mysql is fading away that people are saying to use PDO or mysqli (Can't use PDO because of version of php I have currently got), I tried changing my code to mysqli, but this is giving me problems. In the code below I have left out the bind_params command, my question is that how do I bind the parameters in the query below? It needs to be able to bind multiple $each because the user is able to type in multiple terms, and each $each is classed as a term. Below is current mysqli code on the same query: $questioncontent = (isset($_GET['questioncontent'])) ? $_GET['questioncontent'] : ''; $searchquestion = $questioncontent; $terms = explode(" ", $searchquestion); $questionquery = " SELECT q.QuestionId, q.QuestionContent, o.OptionType, an.Answer, r.ReplyType, FROM Answer an INNER JOIN Question q ON q.AnswerId = an.AnswerId JOIN Reply r ON q.ReplyId = r.ReplyId JOIN Option_Table o ON q.OptionId = o.OptionId WHERE "; foreach ($terms as $each) { $i++; if ($i == 1){ $questionquery .= "q.QuestionContent LIKE ? "; } else { $questionquery .= "OR q.QuestionContent LIKE ? "; } } $questionquery .= "GROUP BY q.QuestionId, q.SessionId ORDER BY "; $i = 0; foreach ($terms as $each) { $i++; if ($i != 1) $questionquery .= "+"; $questionquery .= "IF(q.QuestionContent LIKE ? ,1,0)"; } $questionquery .= " DESC "; $stmt=$mysqli->prepare($questionquery); $stmt->execute(); $stmt->bind_result($dbQuestionId,$dbQuestionContent,$dbOptionType,$dbAnswer,$dbReplyType); $questionnum = $stmt->num_rows();

    Read the article

  • Why would a script not like using MySQLi but is fine with MySQL?

    - by Taylor
    I'm having some issues using mysqli to execute a script with SELECT,DELETE,INSERT and UPDATE querys. They work when using norm mysql such as mysql_connect but im getting strange results when using mysqli. It works fine with a lot of the SELECT querys in other scripts but when it comes to some admin stuff it messes up. Its difficult to explain without attaching the whole script. This is the function for modifying... function database_queryModify($sql,&$insertId) { global $databaseServer; global $databaseName; global $databaseUsername; global $databasePassword; global $databaseDebugMode; $link = @mysql_connect($databaseServer,$databaseUsername,$databasePassword); @mysql_select_db($databaseName,$link); $result = mysql_query($sql,$link); if (!$result && $databaseDebugMode) { print "[".$sql."][".mysql_error()."]"; } $insertId = mysql_insert_id(); return mysql_affected_rows(); } and heres what I changed it to for mysqli function database_queryModify($sql,&$insertId) { global $databaseServer; global $databaseName; global $dbUser_feedadmin; global $dbUser_feedadmin_pw; global $databaseDebugMode; $link = @mysqli_connect($databaseServer,$dbUser_feedadmin,$dbUser_feedadmin_pw,$databaseName); $result = mysqli_query($link, $sql); if (!$result && $databaseDebugMode) { print "[".$sql."][".mysqli_error()."]"; } $insertId = mysqli_insert_id(); return mysqli_affected_rows(); } Does that look right? It isn't actually producing an error but its not functioning in the same way as when using mysql. any ideas?

    Read the article

  • mysqli and php requesting rows returned in object oriented scripting...

    - by Matt
    in object oriented php mysqli I am trying to request a username, and return if it matches a row, without actually returning any user data. How would I write this?...so far I have... $sql = "SELECT NULL FROM database WHERE usernick=?"; $stmt = $link->prepare($sql) $stmt->bind_param('s', $snr); $stmt->execute(); After this step I need to see if a row matched the query...but I have no idea how to write it, everyone here pretty much writes in mysql if I dont mention I want object oriented mysqli :S

    Read the article

  • mysqli prepare statment error?

    - by user310850
    Hi all, $mysqli = new mysqli("localhost", "root", "", "test"); $mysqli->query('PREPARE mid FROM "SELECT name FROM test_user WHERE id = ?"'); //$mysqli->query('PREPARE mid FROM "SELECT name FROM test_user" '); $res = $mysqli->query( 'EXECUTE mid 1;') or die(mysqli_error($mysqli)); while($resu = $res->fetch_object()) { echo '<br>' .$resu->name; } Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1 my php version is PHP Version 5.3.0 and mysql mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $

    Read the article

  • Converting my lightweight MySQL DB wrapper into MySQLi. Pesky Problems

    - by Chaplin
    Here is the original code: http://pastebin.com/DNxtmApY. I'm not that interested in prepared statements at the moment, I just want this wrapper updating to MySQLi so once MySQL becomes depreciated I haven't got to update a billion websites. Here is my attempt at converting to MySQLi. <? $database_host = "127.0.0.1"; $database_user = "user"; $database_pass = "pass"; $database_name = "name"; $db = new database($database_host, $database_user, $database_pass, $database_name); class database { var $link, $result; function database($host, $user, $pass, $db) { $this->link = mysqli_connect($host, $user, $pass, $db) or $this->error(); mysqli_select_db($db, $this->link) or $this->error(); } function query($query) { $this->result = mysqli_query($query, $this->link) or $this->error(); $this->_query_count++; return $this->result; } function countRows($result = "") { if ( empty( $result ) ) $result = $this->result; return mysqli_num_rows($result); } function fetch($result = "") { if ( empty( $result ) ) $result = $this->result; return mysqli_fetch_array($result); } function fetch_num($result = "") { if ( empty( $result ) ) $result = $this->result; return mysqli_fetch_array($result, mysqli_NUM); } function fetch_assoc($result = "") { if ( empty( $result ) ) $result = $this->result; return mysqli_fetch_array($result, mysqli_ASSOC); } function escape($str) { return mysqli_real_escape_string($str); } function error() { if ( $_GET["debug"] == 1 ){ die(mysqi_error()); } else { echo "Error in db code"; } } } function sanitize($data) { //apply stripslashes if magic_quotes_gpc is enabled if(get_magic_quotes_gpc()) $data = stripslashes($data); // a mysqli connection is required before using this function $data = trim(mysqli_real_escape_string($data)); return $data; } However it chucks all sorts of errors: Warning: mysql_query(): Access denied for user 'www-data'@'localhost' (using password: NO) in /home/count/Workspace/lib/classes/user.php on line 7 Warning: mysql_query(): A link to the server could not be established in /home/count/Workspace/lib/classes/user.php on line 7 Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/count/Workspace/lib/classes/user.php on line 8 Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, object given in /home/count/Workspace/lib/classes/database.php on line 31

    Read the article

  • php mysqli help, first line in DB not being returned?

    - by williamsongibson
    Here is my code <?php require_once 'connect.php'; $sql = "SELECT * FROM `db-pages`"; $result = $mysqli->query($sql) or die($mysqli->error.__LINE__); while ($row = $result->fetch_assoc()) { echo($row['pagetitle'].' - To edit this page <a href="editpage.php?id='.$row['id'].'">click here</a><br>'); } } ?> I've added a couple more rows to the Database and it's returning them all, apart from id=1 in the DB. Any idea why?

    Read the article

  • What characters are NOT escaped with a mysqli prepared statement?

    - by barfoon
    Hey everyone, I'm trying to harden some of my PHP code and use mysqli prepared statements to better validate user input and prevent injection attacks. I switched away from mysqli_real_escape_string as it does not escape % and _. However, when I create my query as a mysqli prepared statement, the same flaw is still present. The query pulls a users salt value based on their username. I'd do something similar for passwords and other lookups. Code: $db = new sitedatalayer(); if ($stmt = $db->_conn->prepare("SELECT `salt` FROM admins WHERE `username` LIKE ? LIMIT 1")) { $stmt->bind_param('s', $username); $stmt->execute(); $stmt->bind_result($salt); while ($stmt->fetch()) { printf("%s\n", $salt); } $stmt->close(); } else return false; Am I composing the statement correctly? If I am what other characters need to be examined? What other flaws are there? What is best practice for doing these types of selects? Thanks,

    Read the article

  • How Do I See The Final Text Of A Query Resulting From A Call To mysqli->prepare?

    - by Joshua
    After code like this: $stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) { $stmt->bind_param("s", $city); $stmt->execute(); $stmt->bind_result($district); $stmt->fetch(); printf("%s is in district %s\n", $city, $district); How Do I See The Actual SQL Statement That Was Executed? (It Should Look Something Like "SELECT District FROM City WHERE Name='Simi Valley';") I already realize that in this simplistic case it would be very easy to simply reconstruct the query... but how can I access it in a general way that will work for very complicated prepared statements, and cases where I don't necessarily already understand the intended structure of the query, etc. Isn't there some function or method that can be called on the statement object that will return the actual text of the SQL query, after binding?

    Read the article

  • Is there any way to print the actual query that mysqli->execute() makes?

    - by 0plus1
    I have a complex query that gets executed like this: if ($stmt = $dbi->prepare($pt_query)) { $stmt->bind_param('ssssssssi', $snome,$scognome,$ssocieta,$svia,$slocalita,$sprovincia,$scap,$stelefono,$sfax,$uid); $stmt->execute(); echo $dbi->error; $stmt->close(); } else { printf("Error -> %s\n", $dbi->error); } This thing is failing without any error, it simply doesn't update the database. Since there is a ton of data that gets treated before this thing I would like to know if there is any way to show the actual query that mysqli is executing in order to understand where the problem is. Thank you.

    Read the article

  • MySQLi Extension with phpMyAdmin

    - by user1062058
    I just unpacked the latest phpMyAdmin into /var/www/html/phpMyAdmin and it is giving me "The mysqli extension is missing." - how do I install this? I'm on Centos. I checked php.ini and it seems to be "unlocked". when I type in php -i |grep -i mysqli ... it looks to be enabled. Also this is PHP Version 5.3.8 php -m apc ctype curl date dom filter ftp gd hash iconv json libxml mcrypt memcache mysql mysqli openssl pcre PDO pdo_sqlite posix REflection session SimpleXML soap SPL SQLite standard tokenizer xml xmlreader xmlwriter zlib Thanks.

    Read the article

  • checkUnique function?

    - by Chris Leah
    Hey, so I have created a function to check the DB for unique entries, but when I call the function it doesn't seem to work and gives me a fatal error any ideas from the function or do you wish to see the sign up page calling it. Thanks :) //Check for unique entries function checkUnique($table, $field, $compared) { $query = $mysqli->query('SELECT '.$mysqli->real_escape_string($field).' FROM '.$mysqli->real_escape_string($table).' WHERE "'.$mysqli->real_escape_string($field).'" = "'.$mysqli->real_escape_string($compared).'"'); if(!$query){ return TRUE; } else { return FALSE; } } The page calling it..... if (!empty($_POST['username']) && !empty($_POST['password']) && $_POST['password']==$_POST['password_confirm'] && !empty($_POST['email']) && validateEmail($_POST['email']) == TRUE && checkUnqiue('users', 'email', $_POST['email']) == TRUE && checkUnique('users', 'username', $_POST['username']) == TRUE)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >