views:

188

answers:

2

Hi guys.

Just as usual I was looking around at best practices with PHP, and prepared statements seem the kind of stuff I should know how to do with my eyes closed. So I started playing around with some examples I've found.

I've got this error when running the script:

Fatal error: Call to a member function bindParam() on a non-object in /opt/lampp/htdocs/phpSecurity/PreparedStatments/Insert-Multi-Binded-Params/Insert Simple Method.php on line 10

Here goes the code.

Insert Simple Method.php

<?php
require_once '../config.php';

$stmt = $db->prepare("INSERT INTO coisas (nome, telefone, bi) VALUES (?, ?, ?)");

$nome = 'Fabio Antunes';
$telefone = 916810641;
$bi = 123093456;

$stmt->bindParam(1, $nome);
$stmt->bindParam(2, $telefone);
$stmt->bindParam(3, $bi);

$stmt->execute();

$stmt->close();

$db->close();
?>

config.php

<?php
$server_host = 'localhost';
$server_user = 'root';
$server_password = '';
$server_db = 'PreparedStatements';
$db = new mysqli($server_host, $server_user, $server_password, $server_db);
?>

Not sure what I'm doing wrong here; this is similar to an example found at php.net, so why isn't it working? PS: I think the mysqli connection isn't the problem because I've used it to do some prepared statements with SELECT SQL commands, and it worked pretty well.


EDIT

The Resolution and why.

Well, in the example I should use bind_param() for each value in the query. But thanks to Bart, he managed to solve the problem with my code.

Where it is:

$stmt->bindParam(1, $nome);
$stmt->bindParam(2, $telefone);
$stmt->bindParam(3, $bi);

It should be:

$stmt->bind_param("sii", $nome, $telefone, $bi);

Now, for those who might be wondering what "sii" is.

Well, bind_param, from what I see, binds each "$var" to each question mark "?" in order.

So with one bind_param() I can bind them all at the same time, and the normal use of bind_param() requires specifying the type of data being bound.

My first value to be bound is $nome, a String, specified by the "s";

And the others, $telefone and $bi, are Integers, for which we have "i";

For others who have a similar problem, here are the other data types (from php.net).

i = Integer;

s = String;

d = Double;

b = Blob;

If someone has a better explanation, please post it or comment, so I can improve my own.

Thanks.
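The same INSERT written out with the checks that turn a silent `false` from prepare() into a clear failure, as an added example (not code from the question or from either answer). It assumes the `coisas` table from the question and uses placeholder credentials; the sample values are constructed.

```php
<?php
// Added example, not from the original post. Makes mysqli throw on any
// failure, so a failed prepare() surfaces as an exception instead of the
// "Call to a member function on a non-object" error from the question.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Connection details are placeholders; use a least-privilege account, not root.
$db = new mysqli('localhost', 'app_user', 'PLACEHOLDER_PASSWORD', 'PreparedStatements');
$db->set_charset('utf8mb4'); // connection charset must match the data being bound

function insertCoisa(mysqli $db, string $nome, int $telefone, int $bi): int
{
    // One "?" per value; user data never becomes part of the SQL text.
    $stmt = $db->prepare('INSERT INTO coisas (nome, telefone, bi) VALUES (?, ?, ?)');
    // "sii": $nome is sent as a string, $telefone and $bi as integers.
    // One bind_param() call binds all placeholders, in order.
    $stmt->bind_param('sii', $nome, $telefone, $bi);
    $stmt->execute();
    $id = (int) $stmt->insert_id; // auto-increment id of the new row, if the table has one
    $stmt->close();
    return $id;
}

try {
    // Constructed sample input: the quote and comment sequence would break a
    // string-concatenated query but are stored literally as a bound parameter.
    $id = insertCoisa($db, "Fabio O'Antunes; -- ", 916810641, 123093456);
    printf("Inserted row %d\n", $id);
} catch (mysqli_sql_exception $e) {
    // Keep the server's error text in the log; do not echo it to end users.
    error_log('insert failed: ' . $e->getMessage());
    echo "Could not save record.\n";
} finally {
    $db->close();
}
```

With MYSQLI_REPORT_STRICT enabled, a misspelled table name or a column count mismatch fails at prepare() with the server's message, which is the check Bart's answer below suggests doing by hand.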

+1  A: 

You may think there's nothing wrong with the connection, but you should check to make sure:

$db = new mysqli($server_host, $server_user, $server_password, $server_db);
if (mysqli_connect_errno()) {
    printf("DB error: %s", mysqli_connect_error());
    exit();
}

EDIT:

What happens when you do:

$stmt = $db->prepare("INSERT INTO coisas (nome, telefone, bi) VALUES (?, ?, ?)");
$stmt->bind_param("sii", $nome, $telefone, $bi);
$stmt->execute();

?

Is the table coisas spelled properly?

Bart Kiers
Good suggestion for best practice. I've tried it but it didn't solve the problem. Any other idea?
Fábio Antunes
$stmt->bind_param("sii", $nome, $telefone, $bi); Worked.
Fábio Antunes
Good to hear it Fábio.
Bart Kiers
It's not the first time I see you answering one of my questions. Thanks for the special treatment.
Fábio Antunes
+1  A: 

Do a print_r on $stmt after you get it back on line 4. Is it a real object? I am guessing no.

Zak
Not sure what that will do, but the problem was that I was using bind param for each value; I could use only just one, and I didn't mention the value input type (s = string | i = integer). Thanks anyway.
Fábio Antunes
The error indicated that the object ($stmt) that you were calling a method of was not in fact an object. That could have occurred inside that method, but my first guess was that it was a null $stmt in the first place.
Zak