www.webdeveloper.com
Results 1 to 5 of 5

Thread: [RESOLVED] mysqli_stmt_bind_param with URLs

  1. #1
    Join Date
    Dec 2011
    Posts
    181

    resolved [RESOLVED] mysqli_stmt_bind_param with URLs

    I am currently trying to submit URLs to my SQL db for links on my admin page. These URLs are absolute paths (ex www.google.com). But I keep getting "Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: invalid object or resource mysqli_stmt"

    Any help here, I'm using the string type for this variable.

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    22,335
    Probably need to see the actual code, but it sounds like maybe it's a problem with the first parameter not being a valid mysqli statement identifier (i.e. what is returned by a successful call to mysqli_statement_init() or mysqli_prepare()). If so, you may need to check what that function is returning and if false, add some debug code to figure out why it's failing.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  3. #3
    Join Date
    Dec 2011
    Posts
    181
    I get this mysqli error back
    Code:
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '://www.google.com WHERE id = 20' at line 4
    As you can see, it's to do with the "http://" part, I have submitted relative links just fine with ease, does it have something to do with the mysqli_stmt_bind_param? because that's the line it points to.

  4. #4
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    22,335
    Again, need to see the actual code where that SQL is defined and then used in a prepare function, though it looks like you may have an unquoted string literal in the query?
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  5. #5
    Join Date
    Dec 2011
    Posts
    181
    UPDATE: I checked the POST variables, nothing wrong there.

    Here is my form code...

    PHP Code:
    <?php
        
    if($_POST['submit']){
            
            
    $error_message "";
            
    $display_message "";
            
            
    $error NULL;
            
            
    $id mysqli_prep($_POST['id']);
            
            
    $image $_FILES['thumbnail'];
            
            if(
    $image['error'] != 0){
                if(
    $image['error'] == 4){ // no file selected
                    
    $menu_name mysqli_prep($_POST['title']);
                    
    $group mysqli_prep($_POST['group']);
                    
    $link mysqli_prep($_POST['link']);
                    
    $sql "UPDATE admin_categories SET 
                            `menu_name` = 
    $menu_name,
                            `group` = 
    $group,
                            `link` = 
    $link
                            WHERE id = 
    $id";
                    
    $stmt mysqli_stmt_init($connect);
                    
    mysqli_stmt_prepare($stmt$sql);
                    
    mysqli_stmt_bind_param($stmt'sssi'$menu_name$group$link$id);
                    if(
    mysqli_stmt_execute($stmt)){
                        
    // Success!
                        
    $display_message "<h6 class=\"displaymessage\">Admin category updated successfully!</h6>\n";
                    }else{
                        
    // Failed!
                        
    $display_message "<h6 class=\"displaymessage\">Admin category update failed.</h6>\n";
                        
    $display_message "<h6 class=\"displaymessage\">".mysqli_error($connect)."</h6>\n";
                    }
                    
    mysqli_stmt_close($stmt);
                } else {
                    
    $error "File could not be uploaded. Please try again.\n";
                    
    // Not correct form enctype?
                
    }
            }
            
            if(!
    $error){
                if(!@
    is_uploaded_file($image['tmp_name'])){
                    
    $error 'The process cannot continue. Please contact administration.';
                    
    // Malicious user?
                
    }
            }
            
            if(!
    $error){
                
    $allowedMime = array('image/png');
                if(!
    in_array($image['type'], $allowedMime)){
                    
    $error 'You can upload only PNG images. Please try again.';
                    
    // Unaccepted file type
                
    }
            }
            
            if(!
    $error){
                
    $allowedExtensions = array('png');
                
    $fileExtension array_pop(explode('.'$image['name']));
                if(!
    in_array($fileExtension$allowedExtensions)){
                    
    $error 'You can upload only PNG files. Please try again.';
                    
    // Unaccepted file extension
                
    }
            }
            
            if(!
    $error){
                
    $uploadDirectory ADMIN.'_images/dir/';
                
    $uploadName $image['name'];
                
    // uploadDirectory must be set as absolute path or as relative path to upload.php
                
                // check if image already exists, if it does, delete it
                
    if(file_exists($uploadDirectory.$uploadName)) unlink($uploadDirectory.$uploadName);
                
                if(!@
    move_uploaded_file($image['tmp_name'], $uploadDirectory.$uploadName)){
                    
    $error 'There was a problem storing the file. Please contact webmaster.';
                    
    // Permission denied to write into folder or hardware issues?
                
    }
            }
            
            if(!
    $error){
                
    $menu_name mysqli_prep($_POST['title']);
                
    $group mysqli_prep($_POST['group']);
                
    $link mysqli_prep($_POST['link']);
                
    $imagen mysqli_prep($_FILES['thumbnail']['name']);
                
    $sql "UPDATE admin_categories SET 
                        `menu_name` = 
    $menu_name,
                        `group` = 
    $group,
                        `link` = 
    $link,
                        `image` = 
    $imagen
                        WHERE id = 
    $id";
                
    $stmt mysqli_stmt_init($connect);
                
    mysqli_stmt_prepare($stmt$sql);
                
    mysqli_stmt_bind_param($stmt'ssssi'$menu_name$group$link$imagen$id);
                if(
    mysqli_stmt_execute($stmt)){
                    
    // Success!
                    
    $display_message "<h6 class=\"displaymessage\">Admin category updated successfully!</h6>\n";
                }else{
                    
    // Failed!
                    
    $display_message "<h6 class=\"displaymessage\">Admin category update failed.</h6>\n";
                    
    $display_message "<h6 class=\"displaymessage\">".mysqli_error($connect)."</h6>\n";
                }
                
    mysqli_stmt_close($stmt);
            }
            if(
    $error$error_message .= $error."\n";
        }
    ?>
    ...and my mysqli_prep function code...
    PHP Code:
    function mysqli_prep($value){
        global 
    $connect;
        
    $magic_quotes_active get_magic_quotes_gpc();
        
    $new_enough_php function_exists("mysqli_real_escape_string");
        if(
    $value == "")
        if(
    $new_enough_php){ // PHP v4.3.0 or higher
            // undo any magic quote effects so mysqli_real_escape_string can do the work
            
    if($magic_quotes_active){
                
    $value stripslashes($value);
            } 
            
    $value mysqli_real_escape_string($connect$value);
        } else { 
    // before PHP 4.3.0
            // if magic quotes aren't already on then add slahses manually
            
    if(!$magic_quotes_active){
                
    $value addslashes($value);
            }
            
    // if magic quotes are active, then the slashes already exist
        
    }
        return 
    $value;

    UPDATE2: Well I don't know how I missed that screw up (sql query did not have any ?'s), working good now.
    Last edited by Dragonfire2008; 02-15-2014 at 02:43 PM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center

"

"

X vBulletin 4.2.2 Debug Information

  • Page Generation 0.16828 seconds
  • Memory Usage 2,971KB
  • Queries Executed 15 (?)
More Information
Template Usage (34):
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (1)bbcode_code
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (5)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (72):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates