/    Sign up×
Community /Pin to ProfileBookmark

Php prepared Statements

Php Folks,

Look at this procedural style php prepared statement.
I want to know why this query fails:

[code]
“UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?”;
[/code]

Where is the syntax error ? Do you see any ? Cos I don’t.
**Prepare failed:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘”UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, mari’ at line 1
“UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?”;**

Here is the complicated context:

[code]
//Connect to Database. (DB_SERVER, BD_USERNAME, DB_PASSWORD, DB_NAME).
$conn = mysqli_connect(“localhost”,”root”,””,”powerpage”);
$conn->set_charset(‘utf8mb4’); //Always set Charset.

if($conn === false)
{
die(“ERROR: Connection Error!. ” . mysqli_connect_error());
}

//Prepare an UPDATE Statement.
$sql_query = “”UPDATE users SET “;//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(” “,”_”,”$value”); //Replaced Spaces to Underscores.
$value_2 = strtolower(“$value_1”); //Replaced Upper Case to Lower Case.

if(isset($_POST[“$value_2”]) && !empty($_POST[“$value_2”]))
{
$sql_query = “$sql_query” . “$value_2 = ?, “;
}
}

$sql_query = “$sql_query” . “WHERE id = ?”;”;
//Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name’s placeholder. Eg. $sql_query = “UPDATE users SET first_name = ?, surname = ?, WHERE id = ?”;
$value_3 = $sql_query;
$value_4 = str_replace(“= ?, WHERE”,”= ? WHERE”,”$value_3″);//Replaced the Comma after the final column name’s placeholder.
$sql_query = $value_4;
echo “$sql_query<br>”;

$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == false)
{
// just for debugging for now:
die(“<pre>Prepare failed:n”.mysqli_error($conn).”n$sql_query</pre>”);
}
[/code]

Remember, when I echo the $sql_query, I see this:
**“UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?”;**

Now where is the supposed syntax error there ?

to post a comment

37 Comments(s)

Copy linkTweet thisAlerts:
@NogDogMay 15.2020 — Why are you including an opening double quote as part of the query here?
<i>
</i>$sql_query = ""UPDATE users SET ";
^^
Copy linkTweet thisAlerts:
@developer_webauthorMay 15.2020 — @NogDog#1618480

Because the query hasn't been fully built or generated yet.

I mean it would be generated at the end to this:
<i>
</i>"UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?";

Do you see the opening and closing dbl quotes ? Isn't that how it should be ?

If so, then the first part of the half-built $query looks like this:

<i>
</i>$sql_query = ""UPDATE users SET ";


And, end part looks like this:
<i>
</i>$sql_query = "$sql_query" . "WHERE id = ?";";


Context:
<i>
</i>//Prepare an UPDATE Statement.
$sql_query = ""UPDATE users SET ";//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i> if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i> {
<i> </i> $sql_query = "$sql_query" . "$value_2 = ?, ";
<i> </i> }
<i> </i> }
<i> </i> $sql_query = "$sql_query" . "WHERE id = ?";";
<i> </i> //Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
<i> </i> $value_3 = $sql_query;
<i> </i> $value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
<i> </i> $sql_query = $value_4;
<i> </i> echo "$sql_query&lt;br&gt;";
Copy linkTweet thisAlerts:
@developer_webauthorMay 15.2020 — NogDog,

I switched it to this and error gone. On both lines note the "$sql_query =":
<i>
</i>//Prepare an UPDATE Statement.
$sql_query = "UPDATE users SET ";//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = "$sql_query" . "$value_2 = ?, ";
<i> </i>}
}
$sql_query = "$sql_query" . "WHERE id = ?";


Should I stick to the above or this instead with single quotes since the variable values are strings....

On both lines note the "$sql_query =":
<i>
</i>//Prepare an UPDATE Statement.
$sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = "$sql_query" . "$value_2 = ?, ";
<i> </i>}
}
$sql_query = $sql_query . 'WHERE id = ?;';


or, maybe I should switch the last line to this:
<i>
</i>$sql_query = $sql_query . 'WHERE id = ?;';


You show me NogDog how it should be. I guess I got it right at the end.
Copy linkTweet thisAlerts:
@developer_webauthorMay 15.2020 — NogDog,

Ok. This is working after tests:
<i>
</i>//Prepare an UPDATE Statement.
$sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i>}
}

$sql_query = $sql_query . 'WHERE id = ?;';
//Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
$value_3 = $sql_query;
$value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
$sql_query = $value_4;
echo "$sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";


The original error in my original post is gone. but now I get another error in some other line now which I will mention in next post.
Copy linkTweet thisAlerts:
@developer_webauthorMay 15.2020 — Don't know why execution fails!

**Warning: mysqli_error(): Couldn't fetch mysqli in C:xampphtdocstestsearch_2.php on line 325

Statement Execution Failed!

mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["id"])**

In the comment, I have written:

"else //TROUBLE STARTING FROM THIS POINT ONWARDS!"

that way you can see from the script flow from where the trouble starts.

<i>
</i>//Prepare an UPDATE Statement.
$sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i>}
}

$sql_query = $sql_query . 'WHERE id = ?;';
//Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
$value_3 = $sql_query;
$value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
$sql_query = $value_4;
echo "$sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";
$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 300&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_error($conn)."n$sql_query&lt;/pre&gt;");
}
else //TROUBLE STARTING FROM THIS POINT ONWARDS!
{
//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["id"] = 0; //DELETE THIS LINE
$mysqli_stmt_bind_param_part_1 = 'mysqli_stmt_bind_param($';
$mysqli_stmt_bind_param_part_2 = 'stmt,'ssssssi',';

<i> </i>foreach($form_questions_labels AS $form_question_label)
<i> </i>{
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
<i> </i> }
<i> </i> }
$mysqli_stmt_bind_param_part_4 = '$_SESSION["id"])';
$mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);

//Attempt to Execute the Prepared Statement.
if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_error($conn)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
}


On the final line, can you see the DIE ? That is getting triggered. Why is the execution failing ? I get no syntax errors anymore regarding SQL Syntax. Nor get any php syntax errors. Mysql Tbl Col names are accurate as getting no column names errors.

Beats the hell out of me!
Copy linkTweet thisAlerts:
@NogDogMay 16.2020 — If the mysqli_stmt_execute() fails, I think you want to use mysqli_stmt_error($stmt) to get the relevant error message, not mysqli_error($conn). You might also want to echo $sql after the error message, so you can see exactly what you actually sent to the database.
Copy linkTweet thisAlerts:
@developer_webauthorMay 16.2020 — @NogDog#1618489

Thanks.

But is this error one ok ? Else what error should i replace it with ?
<i>
</i>$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_error($conn)."n$sql_query&lt;/pre&gt;");
}


Should I replace it with this one too ?
<i>
</i>mysqli_stmt_error($stmt)


There should be like these:
<i>
</i>mysqli_prepare_error($stmt)
mysqli_bind_error($stmt)
mysqli_stmt_error($stmt)


And so on. Maybe there are ?
Copy linkTweet thisAlerts:
@developer_webauthorMay 16.2020 — @NogDog#1618489

Ok. After switching to your suggested error. I now get this echoed:

**_Statement Execution Failed!

No data supplied for parameters in prepared statement

mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_
SESSION["user_id"]_**


This following code is producing the error.

You can see I am echoing the bind_params after the error and from it you can clearly see from the echo that they are not empty. So why php giving false error ?

<i>
</i>if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
}
Copy linkTweet thisAlerts:
@developer_webauthorMay 16.2020 — @NogDog,

I don't expect anyone to wade through all these lines of code and so if anyone is curious to whether I am supplying data to the prepared statements or bind parameters or not then you can supply the parameters yourself (in the form) and then test the script for yourself. You know that you have supplied the prepared statements and the bind params and so why is php giving you the error that you haven't supplied data to the prepared statement? Get my point ?

I mean, if I did not supply data to prepared statement then why is this condition not getting triggered ?

Why am I not getting the following echo ?
<i>
</i>$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");


If you're puzzled like hell like I am and curious to dig deep then here is the full code. Fire it up on your Xamp/Wamp/Lamp if you will and fill in the form yourself and hit the submit button. That way you will realize I ain't mistaken and you will see for yourself that you get php giving you error saying you did not supply the prepared statements (did not fill in the form)!!!
<i>
</i>&lt;?php
error_reporting(E_ALL);
?&gt;

&lt;!DOCTYPE HTML"&gt;
&lt;html&gt;

&lt;head&gt;
&lt;meta name="viewport" content="width-device=width, initial-scale=1"&gt;
&lt;/head&gt;
&lt;body&gt;

&lt;?php
if(session_id() == '')
{
echo "Line 16 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
session_start();
$_SESSION['session_step'] = 'start';
echo "Line 21 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
}

if($_SESSION['session_step'] != 'end');
{
echo "Line 28 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";

<i> </i>if(isset($_GET['session_type']) &amp;&amp; !empty($_GET['session_type']))
<i> </i>{
<i> </i> $_SESSION['session_type'] = $_GET['session_type'];
<i> </i> //echo session_id();
<i> </i> if(!function_exists($_SESSION['session_type']))
<i> </i> {
<i> </i> die("Invalid Session");
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo "Line 42&lt;br&gt;";//THIS LINE SHOULD NOT ECHO AFTER CLICKING THE SUBMIT BUTTON SINCE 1). IT IS BEFORE THE SUBMIT BUTTON IN THE SCRIPT FLOW. AND 2). AFTER CLICKING THE SUBMIT BUTTON $_SESSION['session_step'] = 'end';! THIS LINE SHOULD ONLY ECHO IF $_SESSION['session_step'] = 'start'; WHY IS THIS LINE ECHOING AFTER CLICKING THE SUBMIT BUTTON ?
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> $_SESSION['session_type']();
<i> </i> }
<i> </i>}
<i> </i>else
<i> </i>{
<i> </i> die("Invalid Session");
<i> </i>}

<i> </i>function submit_personal_details()
<i> </i>{
<i> </i> $session_type = $_SESSION['session_type'];
<i> </i>
<i> </i> $form_questions_labels[]='First Name';
<i> </i> $form_questions_labels[]='Middle Name';
<i> </i> $form_questions_labels[]='Surname';
<i> </i> $form_questions_labels[]='Gender';
<i> </i> //$form_questions_labels[]='Age_Range';
<i> </i> $form_questions_labels[]='Marital Status';
<i> </i> $form_questions_labels[]='Working Status';
<i> </i>
<i> </i> $form_questions_labels_required[]='First Name';
<i> </i> $form_questions_labels_required[]='Surname';
<i> </i> $form_questions_labels_required[]='Gender';
<i> </i> //$form_questions_labels_required[]='Age_Range';
<i> </i> $form_questions_labels_required[]='Marital Status';
<i> </i> $form_questions_labels_required[]='Working Status';
<i> </i>
<i> </i> $text_fields_labels = array('First Name','Middle Name','Surname');
<i> </i> $radio_buttons_labels = array('Gender');
<i> </i> $drop_downs_labels = array('Marital Status','Working Status');
<i> </i> /*
<i> </i> $i=1;
<i> </i> $options_radio_button_[$i] = array('Male','Female','Male To Female','Female To Male');
<i> </i> $i=2;
<i> </i> $options_radio_button_[$i] = array('Yes','No');
<i> </i> */
<i> </i> /*
<i> </i> $i=1;
<i> </i> $options_drop_down_[$i] = array('Single','Married','Divorced','Widow');
<i> </i> $i=2;
<i> </i> $options_drop_down_[$i] = array('Selfemployed','Employed','Unemployed');
<i> </i> */
<i> </i> //Gender Options
<i> </i> $i=1;
<i> </i> $options_radio_button_[$i][]='Male';
<i> </i> $options_radio_button_[$i][]='Female';
<i> </i> $options_radio_button_[$i][]='Male To Female';
<i> </i> $options_radio_button_[$i][]='Female To Male';
<i> </i> $total_options_radio_button_[$i] = count($options_radio_button_[$i]);//4
<i> </i> /*
<i> </i> //Tos Options
<i> </i> $i=2;
<i> </i> $options_radio_button_[$i][]='Yes';
<i> </i> $options_radio_button_[$i][]='No';
<i> </i> $total_options_radio_button_[$i] = count($options_radio_button_[$i]);//2
<i> </i> */
<i> </i> //Marital Status Options
<i> </i> $i=1;
<i> </i> $options_drop_down_[$i][]='Single';
<i> </i> $options_drop_down_[$i][]='Married';
<i> </i> $options_drop_down_[$i][]='Divorced';
<i> </i> $options_drop_down_[$i][]='Widow';
<i> </i> $total_options_drop_down_[$i] = count($options_drop_down_[$i]);//4
<i> </i> //Working Status Options
<i> </i> $i=2;
<i> </i> $options_drop_down_[$i][]='Selfemployed';
<i> </i> $options_drop_down_[$i][]='Employed';
<i> </i> $options_drop_down_[$i][]='Unemployed';
<i> </i> $total_options_drop_down_[$i] = count($options_drop_down_[$i]);//3

<i> </i> $total_form_questions_labels = 8;
<i> </i> $total_form_questions_labels_required = 7;
<i> </i> $total_text_fields_labels = 4;
<i> </i> $total_radio_buttons_labels = count($radio_buttons_labels);//2
<i> </i> $total_drop_downs_labels = count($drop_downs_labels);//2
<i> </i> ?&gt;
<i> </i> &lt;form action="&lt;?php echo $_SERVER['PHP_SELF'];?&gt;?session_type=&lt;?php echo $_SESSION['session_type'];?&gt;" method="post" enctype="plain/text"&gt;
<i> </i> &lt;?php

<i> </i> foreach($form_questions_labels as $form_question_label) //Loop through the whole 'Form Questions' array.
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> //Check if current 'Form Item' is a 'Text Field' or not.
<i> </i> if(in_array("$form_question_label",$text_fields_labels)) //Current 'Form Item' proved to be a 'Text Field'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Text Field) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Text Field) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Text Field' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;
<i> </i> &lt;input type="text" name="$value_2" placeholder="$form_question_label" value = ""&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Text Field' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;
<i> </i> &lt;input type="text" name="$value_2" placeholder="$form_question_label"&gt;";
<i> </i> }
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> //Check if current 'Form Item' is a 'Radio Button' or not.
<i> </i> if(in_array("$form_question_label",$radio_buttons_labels)) //Current 'Form Item' proved to be a 'Radio Button'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Radio Button) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Radio Button) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Radio Button' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Radio Button' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;";
<i> </i> }
<i> </i> $i = 0;
<i> </i> foreach($radio_buttons_labels as $radio_button_label) //$radio_buttons_labels = ('Gender','Tos');
<i> </i> {
<i> </i> if($form_question_label == $radio_button_label) //eg. 'Gender'.
<i> </i> {
<i> </i> $i++;
<i> </i> foreach($options_radio_button_[$i] as $option_radio_button_[$i])
<i> </i> {
<i> </i> echo "&lt;input type="radio" id="$option_radio_button_[$i]" name="$value_2" value="$option_radio_button_[$i]"&gt;
<i> </i> &lt;label_for="$option_radio_button_[$i]"&gt;$option_radio_button_[$i]&lt;/label&gt;";
<i> </i> }
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> $i++;
<i> </i> }
<i> </i> }
<i> </i> //Check if current 'Form Item' is a 'Drop Down' or not.
<i> </i> if(in_array("$form_question_label",$drop_downs_labels)) //Current 'Form Item' proved to be a 'Drop Down'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Drop Down) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Drop Down) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Drop Down' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Drop Down' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;";
<i> </i> }
<i> </i> $i = 0;
<i> </i> foreach($drop_downs_labels as $drop_down_label)//$drop_downs_labels = ('Marital Status','Working Status');
<i> </i> {
<i> </i> if($form_question_label == $drop_down_label)
<i> </i> {
<i> </i> $i++;
<i> </i> echo "&lt;select name="$value_2"&gt;";
<i> </i> echo "&lt;option value="$option_drop_down_[$i]"&gt;$option_drop_down_[$i]&lt;/option&gt;";
<i> </i> foreach($options_drop_down_[$i] as $option_drop_down_[$i])
<i> </i> {
<i> </i> echo "&lt;option value="$option_drop_down_[$i]"&gt;$option_drop_down_[$i]&lt;/option&gt;";
<i> </i> }
<i> </i> echo "&lt;/select&gt;";
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> $i++;
<i> </i> }
<i> </i> }
<i> </i> }
<i> </i> ?&gt;
<i> </i> &lt;input type="submit" name="submit_personal_details" value="Submit"&gt;
<i> </i> &lt;?php
<i> </i> //$current_function = __FUNCTION__;
<i> </i> //echo $current_function;
<i> </i>
<i> </i> if($_SERVER['REQUEST_METHOD'] === 'POST')
<i> </i> {echo "Line 217&lt;br&gt;";
<i> </i> if(isset($_POST['submit_personal_details']) &amp;&amp; $_SESSION['session_step'] != 'end')
<i> </i> {
<i> </i> $_SESSION['session_step'] = 'end';
<i> </i> echo "Line 223&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> foreach($form_questions_labels_required AS $form_question_label_required)
<i> </i> {
<i> </i> $value = $form_question_label_required;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> if(!isset($_POST["$value_2"]) || trim ($_POST["$value_2"]) === '')//Do not use 'empty($_POST["$value_2"]))' here as a '0' value is considered 'empty' value.
<i> </i> {
<i> </i> echo "Fill-in All required Form Fields that! Fields with asterisks * are required to be filled-in!&lt;br&gt;";
<i> </i> //die("Fill-in All required Form Fields that! Fields with asterisks * are required to be filled-in!");
<i> </i> }
<i> </i> /*
<i> </i> else
<i> </i> {
<i> </i> echo "$value_2&lt;br&gt;"; echo "Line 227!&lt;br&gt;";
<i> </i> }
<i> </i> */
<i> </i> }
<i> </i> echo "Line 242&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> session_destroy();
<i> </i> echo "Line 246&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i>
<i> </i> //Connect to Database. (DB_SERVER, BD_USERNAME, DB_PASSWORD, DB_NAME).
<i> </i> $conn = mysqli_connect("localhost","root","","powerpage");
<i> </i> $conn-&gt;set_charset('utf8mb4'); //Always set Charset.
<i> </i>
<i> </i> if($conn === false)
<i> </i> {
<i> </i> die("ERROR: Connection Error!. " . mysqli_connect_error());
<i> </i> }
<i> </i>
<i> </i> //Prepare an UPDATE Statement.
<i> </i> $sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
<i> </i> foreach($form_questions_labels AS $form_question_label)
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i> {
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i> }
<i> </i> }
<i> </i> $sql_query = $sql_query . 'WHERE id = ?;';
<i> </i> //Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
<i> </i> $value_3 = $sql_query;
<i> </i> $value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
<i> </i> $sql_query = $value_4;
<i> </i> echo "$sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";
<i> </i> /*
<i> </i> if(!mysqli_prepare($conn,$query)
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 322&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Statement Execution Failed!n".mysqli_error($conn)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
<i> </i> }
<i> </i> */
<i> </i> //$sql_query = "UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?";
<i> </i> $stmt = mysqli_prepare($conn,$sql_query);
<i> </i> if($stmt == False)
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 293&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
<i> </i> $_SESSION["user_id"] = 13; //DELETE THIS LINE
<i> </i>
<i> </i> echo $mysqli_stmt_bind_param_part_1 = 'mysqli_stmt_bind_param($';
<i> </i> echo $mysqli_stmt_bind_param_part_2 = 'stmt,'ssssssi',';
<i> </i>
<i> </i> foreach($form_questions_labels AS $form_question_label)
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
<i> </i> }
<i> </i> }
<i> </i> echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"])';
<i> </i> echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
<i> </i>
<i> </i> //EVEN WITH FOLLOWING LINE UNCOMMENTED, I STILL GET THE ERROR THAT I HAVE NOT SUPPLIED DATA TO PREPARED STATEMENT!
<i> </i> //mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);
<i> </i> //Attempt to Execute the Prepared Statement.
<i> </i> mysqli_stmt_execute($stmt);
<i> </i> if(!mysqli_stmt_execute($stmt))
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 322&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
<i> </i> }
<i> </i> //mail();
<i> </i> }
<i> </i> }
<i> </i> }
<i> </i>}
}
echo "Line 337&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
?&gt;

&lt;?php
/*
session_start();

//$_session = 'search';
//echo session_id();
//echo $_session;

if(isset($_GET['session_type']))
{
$session=$_GET['session'];echo $_session['session'];
}
else
{
die("Invalid Session1!");echo $_session['session'];
}
*/

/*
echo session_id();

session_start();
if(isset($_GET['session_type']))
{
$_GET['session_type'];
}
else
{
die("Invalid Session2");
}
*/
?&gt;
Copy linkTweet thisAlerts:
@NogDogMay 16.2020 — It does not look as if you actually execute the mysqli_stmt_bind_param() command anywhere (except in a commented-out line in one of the posts here). You assign values to variables that output what you intended to bind in your error message, but you never actually did the binding.

(One of the main reasons I prefer the PDO extension over MySQLi is that you can use named place-holders in the SQL, then just supply an array of values to bind to them in the execute.)
Copy linkTweet thisAlerts:
@ByrgersunMay 16.2020 — You might also want to echo $sql after the error
Copy linkTweet thisAlerts:
@lopomajiMay 17.2020 — You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '"UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, mari' at line 1

**Links removed by Site Staff so it doesn't look like you're spamming us. Please don't post them again.**
Copy linkTweet thisAlerts:
@netconnektMay 18.2020 — [https://netconnekt.com/](url)

Net Connekt is Qatar's leading website development and design company in Doha, Qatar, specializing in responsive and parallax website designing, Mobile Apps, eCommerce Development, SEO, PPC etc.
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — @NogDog#1618504

I will be getting into PDO soon. I started mysqli in 2015 and so best master that first.

Thanks!
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — @lopomaji#1618534

I did not post any links. What links you talking about ? Links to what site ? PM the link.
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — @NogDog#1618504

I did do the binding but I reckon it is invalid. Look:
<i>
</i>else
{
/*
Generate the mysqli_stmt_bind_param() in parts to generate the variables
matching the 'Column Names'.
*/
$_SESSION["user_id"] = 13; //DELETE THIS LINE

<i> </i>echo $mysqli_stmt_bind_param_part_1 = 'mysqli_stmt_bind_param($';
<i> </i>echo $mysqli_stmt_bind_param_part_2 = 'stmt,'ssssssi',';
<i> </i>
<i> </i>foreach($form_questions_labels AS $form_question_label)
<i> </i>{
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" .
<i> </i> '$' . "$value_2,";
<i> </i> }
}
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"])';
echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" .
"$mysqli_stmt_bind_param_part_2" .
"$mysqli_stmt_bind_param_part_3" .
"$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);

//EVEN WITH FOLLOWING LINE UNCOMMENTED, I STILL GET THE ERROR THAT I HAVE NOT SUPPLIED DATA TO PREPARED STATEMENT!
//mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);
//Attempt to Execute the Prepared Statement.
mysqli_stmt_execute($stmt);
if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
}
//mail();
}


I think php is not accepting this as mysqli_bind. Count it as invalid.
<i>
</i>echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"])';
echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4";
//Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,
$marital_status,$working_status,13);


Hence, any ideas how I can validate this ? Any workaround ?

You know I can't directly write the bind_param like the following and need to get php generate it in parts and then concatenate the parts just like php did to the prepared statement.

<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);
Copy linkTweet thisAlerts:
@SempervivumMay 18.2020 — @developer_web#1618555 Don't be confused, lopomaju posted links that were abviously advertising, therefore I removed them.
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — @Sempervivum#1618557

Oh. Ok. I thought lopomaju was the mod warning me (by referencing to my post) not to post ad links.

Anyway, I still confused how to generate mysqli_bind_param(); in parts. Check my previous post.

Maybe, you can enlighten me on that. ;)

Thanks
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — Even this didn't work:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param_part_3,$_SESSION["user_id"]);


Context:
<i>
</i>//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE

foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
if($form_question_label == $form_questions_labels[0])
{
echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
}
else
{
echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
}
}

mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param_part_3,$_SESSION["user_id"]);

Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — Even this failed. Still getting same error:
<i>
</i>//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE

echo $mysqli_stmt_bind_param_part_1 = 'mysqli_stmt_bind_param($';
echo $mysqli_stmt_bind_param_part_2 = 'stmt,'ssssssi',';

foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
<i> </i> }
}
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';
echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
//mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param_part_3,$_SESSION["user_id"]);
mysqli_stmt_bind_param($mysqli_stmt_bind_param);
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — Even this failed:
<i>
</i>foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
if($form_question_label == $form_questions_labels[0])
{
echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
}
else
{
echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
}
}
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';
//echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);

echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);

mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param,$_SESSION["user_id"]);


**Statement Execution Failed!

No data supplied for parameters in prepared statement**
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — This time I scrapped out all the complicated parts and wrote it to the bare minimum for the prepared statement. I get no error alright but the row is not getting updatedin mysql. Why is that ?

Look, bare minimum ....
<i>
</i>$sql_query = "UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?";
$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
}
else
{
//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13;

<i> </i> mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);
<i> </i> //Attempt to Execute the Prepared Statement.
<i> </i> mysqli_stmt_execute($stmt);
<i> </i> if(!mysqli_stmt_execute($stmt))
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 322&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
<i> </i> }
}

Strange!

Since this did not trigger then the UPDATE should have completed!
<i>
</i>if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
}


The $id=13 for the 'id' column is correct as I have a '13' id row in my tbl. I get no mysql errors nor php errors nor mysql connection errors. No errors. Nothing. So why not updating ?

What is wrong with this query ?
<i>
</i>$conn = mysqli_connect("localhost","root","","powerpage");
$conn-&gt;set_charset('utf8mb4'); //Always set Charset.

$sql_query = "UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?";
$stmt = mysqli_prepare($conn,$sql_query);
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — Anyone,

Try testing this on your localhost and see if you can figure-out why the UPDATE is failing. I have failed. Going in circles now!
<i>
</i>&lt;?php
error_reporting(E_ALL);
?&gt;

&lt;!DOCTYPE HTML"&gt;
&lt;html&gt;

&lt;head&gt;
&lt;meta name="viewport" content="width-device=width, initial-scale=1"&gt;
&lt;/head&gt;
&lt;body&gt;

&lt;?php
if(session_id() == '')
{
echo "Line 16 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
session_start();
$_SESSION['session_step'] = 'start';
echo "Line 21 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
}

if($_SESSION['session_step'] != 'end');
{
echo "Line 28 &lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";

<i> </i>if(isset($_GET['session_type']) &amp;&amp; !empty($_GET['session_type']))
<i> </i>{
<i> </i> $_SESSION['session_type'] = $_GET['session_type'];
<i> </i> //echo session_id();
<i> </i> if(!function_exists($_SESSION['session_type']))
<i> </i> {
<i> </i> die("Invalid Session");
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo "Line 42&lt;br&gt;";//THIS LINE SHOULD NOT ECHO AFTER CLICKING THE SUBMIT BUTTON SINCE 1). IT IS BEFORE THE SUBMIT BUTTON IN THE SCRIPT FLOW. AND 2). AFTER CLICKING THE SUBMIT BUTTON $_SESSION['session_step'] = 'end';! THIS LINE SHOULD ONLY ECHO IF $_SESSION['session_step'] = 'start'; WHY IS THIS LINE ECHOING AFTER CLICKING THE SUBMIT BUTTON ?
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> $_SESSION['session_type']();
<i> </i> }
<i> </i>}
<i> </i>else
<i> </i>{
<i> </i> die("Invalid Session");
<i> </i>}

<i> </i>function submit_personal_details()
<i> </i>{
<i> </i> $session_type = $_SESSION['session_type'];
<i> </i>
<i> </i> $form_questions_labels[]='First Name';
<i> </i> $form_questions_labels[]='Middle Name';
<i> </i> $form_questions_labels[]='Surname';
<i> </i> $form_questions_labels[]='Gender';
<i> </i> //$form_questions_labels[]='Age_Range';
<i> </i> $form_questions_labels[]='Marital Status';
<i> </i> $form_questions_labels[]='Working Status';
<i> </i>
<i> </i> $form_questions_labels_required[]='First Name';
<i> </i> $form_questions_labels_required[]='Surname';
<i> </i> $form_questions_labels_required[]='Gender';
<i> </i> //$form_questions_labels_required[]='Age_Range';
<i> </i> $form_questions_labels_required[]='Marital Status';
<i> </i> $form_questions_labels_required[]='Working Status';
<i> </i>
<i> </i> $text_fields_labels = array('First Name','Middle Name','Surname');
<i> </i> $radio_buttons_labels = array('Gender');
<i> </i> $drop_downs_labels = array('Marital Status','Working Status');
<i> </i> /*
<i> </i> $i=1;
<i> </i> $options_radio_button_[$i] = array('Male','Female','Male To Female','Female To Male');
<i> </i> $i=2;
<i> </i> $options_radio_button_[$i] = array('Yes','No');
<i> </i> */
<i> </i> /*
<i> </i> $i=1;
<i> </i> $options_drop_down_[$i] = array('Single','Married','Divorced','Widow');
<i> </i> $i=2;
<i> </i> $options_drop_down_[$i] = array('Selfemployed','Employed','Unemployed');
<i> </i> */
<i> </i> //Gender Options
<i> </i> $i=1;
<i> </i> $options_radio_button_[$i][]='Male';
<i> </i> $options_radio_button_[$i][]='Female';
<i> </i> $options_radio_button_[$i][]='Male To Female';
<i> </i> $options_radio_button_[$i][]='Female To Male';
<i> </i> $total_options_radio_button_[$i] = count($options_radio_button_[$i]);//4
<i> </i> /*
<i> </i> //Tos Options
<i> </i> $i=2;
<i> </i> $options_radio_button_[$i][]='Yes';
<i> </i> $options_radio_button_[$i][]='No';
<i> </i> $total_options_radio_button_[$i] = count($options_radio_button_[$i]);//2
<i> </i> */
<i> </i> //Marital Status Options
<i> </i> $i=1;
<i> </i> $options_drop_down_[$i][]='Single';
<i> </i> $options_drop_down_[$i][]='Married';
<i> </i> $options_drop_down_[$i][]='Divorced';
<i> </i> $options_drop_down_[$i][]='Widow';
<i> </i> $total_options_drop_down_[$i] = count($options_drop_down_[$i]);//4
<i> </i> //Working Status Options
<i> </i> $i=2;
<i> </i> $options_drop_down_[$i][]='Selfemployed';
<i> </i> $options_drop_down_[$i][]='Employed';
<i> </i> $options_drop_down_[$i][]='Unemployed';
<i> </i> $total_options_drop_down_[$i] = count($options_drop_down_[$i]);//3

<i> </i> $total_form_questions_labels = 8;
<i> </i> $total_form_questions_labels_required = 7;
<i> </i> $total_text_fields_labels = 4;
<i> </i> $total_radio_buttons_labels = count($radio_buttons_labels);//2
<i> </i> $total_drop_downs_labels = count($drop_downs_labels);//2
<i> </i> ?&gt;
<i> </i> &lt;form action="&lt;?php echo $_SERVER['PHP_SELF'];?&gt;?session_type=&lt;?php echo $_SESSION['session_type'];?&gt;" method="post" enctype="plain/text"&gt;
<i> </i> &lt;?php

<i> </i> foreach($form_questions_labels as $form_question_label) //Loop through the whole 'Form Questions' array.
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> //Check if current 'Form Item' is a 'Text Field' or not.
<i> </i> if(in_array("$form_question_label",$text_fields_labels)) //Current 'Form Item' proved to be a 'Text Field'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Text Field) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Text Field) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Text Field' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;
<i> </i> &lt;input type="text" name="$value_2" placeholder="$form_question_label" value = ""&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Text Field' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;
<i> </i> &lt;input type="text" name="$value_2" placeholder="$form_question_label"&gt;";
<i> </i> }
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> //Check if current 'Form Item' is a 'Radio Button' or not.
<i> </i> if(in_array("$form_question_label",$radio_buttons_labels)) //Current 'Form Item' proved to be a 'Radio Button'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Radio Button) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Radio Button) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Radio Button' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Radio Button' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;";
<i> </i> }
<i> </i> $i = 0;
<i> </i> foreach($radio_buttons_labels as $radio_button_label) //$radio_buttons_labels = ('Gender','Tos');
<i> </i> {
<i> </i> if($form_question_label == $radio_button_label) //eg. 'Gender'.
<i> </i> {
<i> </i> $i++;
<i> </i> foreach($options_radio_button_[$i] as $option_radio_button_[$i])
<i> </i> {
<i> </i> echo "&lt;input type="radio" id="$option_radio_button_[$i]" name="$value_2" value="$option_radio_button_[$i]"&gt;
<i> </i> &lt;label_for="$option_radio_button_[$i]"&gt;$option_radio_button_[$i]&lt;/label&gt;";
<i> </i> }
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> $i++;
<i> </i> }
<i> </i> }
<i> </i> //Check if current 'Form Item' is a 'Drop Down' or not.
<i> </i> if(in_array("$form_question_label",$drop_downs_labels)) //Current 'Form Item' proved to be a 'Drop Down'.
<i> </i> {
<i> </i> //Check if current 'Form Item' (Drop Down) is a 'required' one or not.
<i> </i> if(in_array("$form_question_label",$form_questions_labels_required))//Current 'Form Item' (Drop Down) proved to be a 'required' one.
<i> </i> {
<i> </i> //Added '*' (asterisk) to indicate the 'Drop Down' is a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label *:&lt;/label&gt;";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Added no '*' (asterisk) to indicate the 'Drop Down' is NOT a 'required' one.
<i> </i> echo "&lt;label for="$value_2"&gt;$form_question_label:&lt;/label&gt;";
<i> </i> }
<i> </i> $i = 0;
<i> </i> foreach($drop_downs_labels as $drop_down_label)//$drop_downs_labels = ('Marital Status','Working Status');
<i> </i> {
<i> </i> if($form_question_label == $drop_down_label)
<i> </i> {
<i> </i> $i++;
<i> </i> echo "&lt;select name="$value_2"&gt;";
<i> </i> echo "&lt;option value="$option_drop_down_[$i]"&gt;$option_drop_down_[$i]&lt;/option&gt;";
<i> </i> foreach($options_drop_down_[$i] as $option_drop_down_[$i])
<i> </i> {
<i> </i> echo "&lt;option value="$option_drop_down_[$i]"&gt;$option_drop_down_[$i]&lt;/option&gt;";
<i> </i> }
<i> </i> echo "&lt;/select&gt;";
<i> </i> echo "&lt;br&gt;";
<i> </i> }
<i> </i> $i++;
<i> </i> }
<i> </i> }
<i> </i> }
<i> </i> ?&gt;
<i> </i> &lt;input type="submit" name="submit_personal_details" value="Submit"&gt;
<i> </i> &lt;?php
<i> </i> //$current_function = __FUNCTION__;
<i> </i> //echo $current_function;
<i> </i>
<i> </i> if($_SERVER['REQUEST_METHOD'] === 'POST')
<i> </i> {echo "Line 217&lt;br&gt;";
<i> </i> if(isset($_POST['submit_personal_details']) &amp;&amp; $_SESSION['session_step'] != 'end')
<i> </i> {
<i> </i> $_SESSION['session_step'] = 'end';
<i> </i> echo "Line 223&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> foreach($form_questions_labels_required AS $form_question_label_required)
<i> </i> {
<i> </i> $value = $form_question_label_required;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> if(!isset($_POST["$value_2"]) || trim ($_POST["$value_2"]) === '')//Do not use 'empty($_POST["$value_2"]))' here as a '0' value is considered 'empty' value.
<i> </i> {
<i> </i> echo "Fill-in All required Form Fields that! Fields with asterisks * are required to be filled-in!&lt;br&gt;";
<i> </i> //die("Fill-in All required Form Fields that! Fields with asterisks * are required to be filled-in!");
<i> </i> }
<i> </i> /*
<i> </i> else
<i> </i> {
<i> </i> echo "$value_2&lt;br&gt;"; echo "Line 227!&lt;br&gt;";
<i> </i> }
<i> </i> */
<i> </i> }
<i> </i> echo "Line 242&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i> session_destroy();
<i> </i> echo "Line 246&lt;br&gt;";
<i> </i> echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
<i> </i> echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
<i> </i>
<i> </i> //Connect to Database. (DB_SERVER, BD_USERNAME, DB_PASSWORD, DB_NAME).
<i> </i> $conn = mysqli_connect("localhost","root","","powerpage");
<i> </i> $conn-&gt;set_charset('utf8mb4'); //Always set Charset.
<i> </i>
<i> </i> if($conn === false)
<i> </i> {
<i> </i> die("ERROR: Connection Error!. " . mysqli_connect_error());
<i> </i> }
<i> </i>
<i> </i> //Prepare an UPDATE Statement.
<i> </i> $sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
<i> </i> foreach($form_questions_labels AS $form_question_label)
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i>
<i> </i> if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i> {
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i> }
<i> </i> }
<i> </i> $sql_query = $sql_query . 'WHERE id = ?;';
<i> </i> //Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
<i> </i> $value_3 = $sql_query;
<i> </i> $value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
<i> </i> $sql_query = $value_4;
<i> </i> echo "$sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";
<i> </i> /*
<i> </i> if(!mysqli_prepare($conn,$query)
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 322&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Statement Execution Failed!n".mysqli_error($conn)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
<i> </i> }
<i> </i> */
<i> </i> $sql_query = "UPDATE users SET first_name = ?, middle_name = ?, surname = ?, gender = ?, marital_status = ?, working_status = ? WHERE id = ?";
<i> </i> $stmt = mysqli_prepare($conn,$sql_query);
<i> </i> if($stmt == False)
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 293&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> //Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
<i> </i> $_SESSION["user_id"] = 13; //DELETE THIS LINE
<i> </i>
<i> </i> /*
<i> </i> foreach($form_questions_labels AS $form_question_label)
<i> </i> {
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = '$' . "$value_2,";
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> echo $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$' . "$value_2,";
<i> </i> }
<i> </i> }
<i> </i> echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';
<i> </i> */
<i> </i>
<i> </i> /*
<i> </i> echo $mysqli_stmt_bind_param_part_1 = 'mysqli_stmt_bind_param($';
<i> </i> echo $mysqli_stmt_bind_param_part_2 = 'stmt,'ssssssi',';
<i> </i> echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_1" . "$mysqli_stmt_bind_param_part_2" . "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
<i> </i> mysqli_stmt_bind_param($mysqli_stmt_bind_param);
<i> </i> */
<i> </i>
<i> </i> /*
<i> </i> echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
<i> </i> mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param,$_SESSION["user_id"]);
<i> </i> */
<i> </i> echo "Line 330&lt;br&gt;";
<i> </i> mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);
<i> </i> //Attempt to Execute the Prepared Statement.
<i> </i> mysqli_stmt_execute($stmt);
<i> </i> if(!mysqli_stmt_execute($stmt))
<i> </i> {
<i> </i> //Close Connection.
<i> </i> mysqli_close($conn);
<i> </i> echo "Line 322&lt;br&gt;";//DELETE THIS
<i> </i> die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
<i> </i> }
<i> </i> //mail();
<i> </i> }
<i> </i> }
<i> </i> }
<i> </i>}
}
echo "Line 337&lt;br&gt;";
echo "Session Step:"; echo $_SESSION['session_step']; echo "&lt;br&gt;";
echo "Session Status:"; echo session_status(); echo "&lt;br&gt;";
?&gt;
Copy linkTweet thisAlerts:
@developer_webauthorMay 18.2020 — I switched this:


<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,$_SESSION["user_id"]);


to this:

<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION["user_id"]);


And it is working.

Ok. So I got the bare mini to work. Now let's try the complicated way.

I do not understand why the old code was not producing error stating undefined variables $first_name, $surname, etc. This is on:

<?php

error_reporting(E_ALL);

?>
Copy linkTweet thisAlerts:
@NogDogMay 18.2020 — So it looks like the root cause of all of this is your belief that you can merge multiple function arguments into one variable whose contents **look** like multiple arguments, but in actuality is treated by PHP as just one argument. This is wrong. If a function requires 2 arguments, then each must be a separate variable or literal value.
<i>
</i>some_function($foo, $bar) { . . . }
// ..is not the same as...
$fubar = "$foo, $bar";
some_function($fubar) { . . . }

In the latter (invalid) case, you are only passing one argument, which will be a string that has the two string values from $foo and $bar with a comma between them -- _but it's just one string._

You _might_ be able to leverage call_user_func_array() to do something similar, but I'm not sure it would work (and I'd not bother, since it would be much easier/cleaner to solve with PDO).
<i>
</i>$args = array(
$conn,
'ssssi',
$val1,
$val2,
$val3,
$val4,
$val5
);
call_user_func_array('mysqli_stmt_bind_param', $args);
Copy linkTweet thisAlerts:
@developer_webauthorMay 20.2020 — @NogDog#1618570

You understood EXACTLY being SPOT ON what I am trying to do! :)

last night, I made-up my mind to learn pdo and try it. Been promising programmers on many forums I will start learning pdo soon, when they suggested it many times, and this "soon" hasn't arrived as of today since 2016!!!

Lol!

Anyway, I know about phpdelusions.com. Hopping on-board there now.
Copy linkTweet thisAlerts:
@developer_webauthorMay 20.2020 — @NogDog#1618570

I'm afraid the call_user_func_array('mysqli_stmt_bind_param', $args); didn't work.

Nice try, though. If you manage to come-up with any other ideas then let me know.

Btw, I wasn't aware of that function. Checked the manual. The examples there did my head in and so I ran away. Remember, I am still on procedural style programming and not on oop yet as I do not understand what an object is.
Copy linkTweet thisAlerts:
@developer_webauthorMay 20.2020 — [upl-image-preview url=https://www.webdeveloper.com/assets/files/2020-05-20/1589994053-850317-reply-to-myself.png]

This forum has a bug. I can reply to my own post! Lol!
Copy linkTweet thisAlerts:
@developer_webauthorMay 20.2020 — Ok folks,

I give-up. Let's see you try.

Look at this code:
<i>
</i>mysqli_stmt_bind_param($stmt,'sss',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$user_id']);


As you can see, there are 3 'sss' due to 3 $_POST[] inputs into my web form by my visitor.

The form will have many optional fields, like 'Middle Name' and so, if user leaves this empty, then the above code is useless and the following would be needed instead:

<i>
</i>mysqli_stmt_bind_param($stmt,'ss',$_POST['first_name'],$_POST['surname'],$user_id']);


Now, since I don't know which fields would be left empty, I won't know which one to use from the above 2 examples.

Now, I don't want to be coding with IFs because if there are too many options then I got to code too many ELSEIFs.
<i>
</i>if($_POST['title'] == '') &amp;&amp; $_POST['middle_name'] == ''))
{
mysqli_stmt_bind_param($stmt,'sss',$_POST['first_name'],$_POST['surname'],$user_id']);
}
elseif($_POST['title'] == '')
{
mysqli_stmt_bind_param($stmt,'ssss',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$user_id']);
}
if($_POST['middle_name'] == '')
{
mysqli_stmt_bind_param($stmt,'ssss',$_POST['title'],$_POST['first_name'],$_POST['surname'],$user_id']);
}


Can you see how many IF & IF->ELSE I am using based on 2 optional fields filled-in or not filled-in (title, middle name) ? If checking whether a mere 2 option has been filled-in or not generate 3 ELSE->ElseIFs then imagine if I have many optional fields then for each I'd have to code many ELSE->IFs likewise. Tiring.

Isn't there a simpler way to check where I don't have to write one instance of the mysql_stmt_bind_param() for each option ?

Bear in mind, form labels match column names in mysql table.

Eg1. Column Names: first_name, middle_name.

Eg2. Form Labels: First Name, Middle Name.

Eg3. form item's html names: name='first_name', name='middle_name'.

Throughout my code, I will use Form labels (eg. First Name, Middle Name). And I will be generating form item's name element values by switching the Form Labels to lower cases and replacing spaces with underscores. Like generate from 'First Name" to 'first_name'. Eg.

<input type =' text' name = '$value_2'>

This will ouput:

<input type =' text' name = 'first_name'>

And so on. You get the picture.

Will be switching using $value_2, $value_3 etc. And so, when you come across these variables then understand what I am doing there. Ok ?

I tried to achieve my purpose of not having too many IF & ELSEs like this:
<i>
</i>$form_questions_labels[]='Title';
$form_questions_labels[]='First Name';
$form_questions_labels[]='Middle Name';
$form_questions_labels[]='Surname';
$form_questions_labels[]='Gender';
$form_questions_labels[]='Marital Status';
$form_questions_labels[]='Working Status';

$form_questions_labels_required[]='First Name';
$form_questions_labels_required[]='Surname';
$form_questions_labels_required[]='Gender';
$form_questions_labels_required[]='Marital Status';
$form_questions_labels_required[]='Working Status';

if($conn === false)
{
die("ERROR: Connection Error!. " . mysqli_connect_error());
}

//Prepare an UPDATE Statement.
$sql_query = 'UPDATE users SET ';//Half built the query here. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i>}
}
$sql_query = $sql_query . 'WHERE id = ?;';
//Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
$value_3 = $sql_query;
$value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
$sql_query = $value_4;
echo "$sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";

$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
}
else
{
//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE AFTER DEV MODE IS COMPLETE
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i> }
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';

echo $mysqli_stmt_bind_param_3_4 = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4";

echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks something like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);

//Attempt to execute the Prepared Statement.
if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);

<i> </i>die("Could not update! Please try again later!");
}
echo "Line 330&lt;br&gt;";
echo $_SESSION['user_id']; echo "&lt;br&gt;";
//mysqli_stmt_bind_param($stmt,'ssssssi',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION["user_id"]);
//Attempt to Execute the Prepared Statement.
mysqli_stmt_execute($stmt);
if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param_3_4&lt;/pre&gt;");
}


Php is not taking into account that this is a valid bind_param:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param_part_3_4);


It doesn't like this last part ...

<i>
</i>$mysqli_stmt_bind_param_part_3_4);


I think it is taking the 3rd parameter as a string and not variables.

The value of **$mysqli_stmt_bind_param_part_3_4**

looks something like this:

<i>
</i>$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']


And therefore, I was hoping php would interpret this generated line of code:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param_part_3_4);


as something this:

<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',,$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);


And then use the above line as the binding parameters to UPDATE the tbl row in mysql.

But like I said, php is not like this final part of the line or the 3rd parameter of the mysqli_stmt_bind_param():
<i>
</i>$mysqli_stmt_bind_param_part_3_4


If you look carefully over my code, you will see I did not use many ELSEIFs.

Anyway, since I did make an attempt while still in procedural style programming (still not an intermediate) then I guess you adv people will be able to succeed in your attempts. So, how about showing me how you would do the coding ?

Have you ever tried anything like this to shorten things up so you need not write so many ELSEIFs ?
Copy linkTweet thisAlerts:
@NogDogMay 20.2020 — <i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',,$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);

First problem: the two consecutive commas after 'ssssssi'.

Second problem: the number of variables you supply after that string must exactly match the number of characters (i.e. place-holders) in that string. You have 7 characters, but only 5 parameters variables after that (not counting the extra comma).
Copy linkTweet thisAlerts:
@NogDogMay 20.2020 — 3rd problem: mysqli is going to be a pain if you want to use bound parameters without knowing how many there will be. You could try what was done in [this comment at php.com](https://www.php.net/manual/en/mysqli-stmt.bind-param.php#117761), though my guess is that will just confuse you.
Copy linkTweet thisAlerts:
@developer_webauthorMay 21.2020 — @NogDog#1618644

<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',,$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);


The above line was actually not from my script. I just showed it as an example in this thread.

The extra comma I guess I hit the comma button twice when writing that here.

I know 'ssssssi' must match the variables in the 3rd parameter.
Copy linkTweet thisAlerts:
@developer_webauthorMay 21.2020 — @NogDog#1618645

Thanks for the link. Checking it out now.

EDIT: Boy, that was confusing.

You were right NogDog. It was way over my head. First few lines I understood but lines later got too much for me to handle.

https://www.php.net/manual/en/mysqli-stmt.bind-param.php#117761
Copy linkTweet thisAlerts:
@developer_webauthorMay 21.2020 — I've been struggling for 3 nights now on this ....

Look at this. Are not there 6 form items or 6 variables plus 1 session variable ?
<i>
</i>$_POST['first_name'];
$_POST['middle_name'];
$_POST['surname'];
$_POST['gender'];
$_POST['marital_status'];
$_POST['working_status'];
$_SESSION['user_id'];


Look at the img. 6 form items filled that are related to the $_POST[] mentioned above.

Plus 1 ...

<i>
</i>$user_id = $_SESSION['user_id'];


That is a total of 7 variables. Which we write mysqli_bind_param() like so:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);


[upl-image-preview url=https://www.webdeveloper.com/assets/files/2020-05-21/1590071259-571996-six-strings-and-an-int.png]

But I can't directly write the mysqli_stmt_bind_param() like above as I got to get php to check which form item and how many item has been filled before the mysqli_stmt_bind_param() can be generated.

Now, look at the img, I filled-in all form items. That is 6 items or 6 variables. Add the 1
<i>
</i>$user_id = $_SESSION['user_id'];

that is 7. So, somehow got to get php generate mysqli_stmt_bind_param(), who's param values look like this:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);

Note the part:
<i>
</i>'ssssssi'


Even though this line works without any errors:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$_POST['first_name'],$_POST['middle_name'],$_POST['surname'],$_POST['gender'],$_POST['marital_status'],$_POST['working_status'],$_SESSION['user_id']);


When I try genererating that line of code, I get error:

**Warning: mysqli_stmt_bind_param(): Number of elements in type definition string doesn't match number of bind variables in C:**

Why the error ?

Look, how I tried generating that mysqli_stmt_bind_param():
<i>
</i>
$form_questions_labels[]='First Name';
$form_questions_labels[]='Middle Name';
$form_questions_labels[]='Surname';
$form_questions_labels[]='Gender';
$form_questions_labels[]='Marital Status';
$form_questions_labels[]='Working Status';

$form_questions_labels_required[]='First Name';
$form_questions_labels_required[]='Surname';
$form_questions_labels_required[]='Gender';
$form_questions_labels_required[]='Marital Status';
$form_questions_labels_required[]='Working Status';

//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE

foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
if($form_question_label == $form_questions_labels[0])
{
$mysqli_stmt_bind_param_part_3 = '$_POST["' . $value_2 . '"],';
}
else
{
$mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$_POST["' . $value_2 . '"],';
}
}
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';

echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssss',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);


Note the final line:

mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);

[/code]

Note the 2nd param:
<i>
</i>'ssssssi'


There are 6 strings and 1 INT.

Total 7. For these:
<i>
</i>$_POST['first_name']; //string
$_POST['middle_name']; //string
$_POST['surname']; //string
$_POST['gender']; //string
$_POST['marital_status']; //string
$_POST['working_status']; //string
$_SESSION['user_id']; //INT


So, why I get the error ?


[upl-image-preview url=https://www.webdeveloper.com/assets/files/2020-05-21/1590071604-118667-six-strings-and-an-int-error.png]

Line 329 is this:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);


Note the 7 variables. The 6 variables related to the $_POSTs and the 1 $_SESSION['user_id']


CONTEXT OF CODE ...
<i>
</i>//Prepare an UPDATE Statement.
$sql_query = 'UPDATE users SET ';//Half built the query. Now got to grab the Column Names (which need querying) that match the form Item Names.
foreach($form_questions_labels AS $form_question_label)
{
$value = $form_question_label;
$value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
$value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.

<i> </i>if(isset($_POST["$value_2"]) &amp;&amp; !empty($_POST["$value_2"]))
<i> </i>{
<i> </i> $sql_query = $sql_query . "$value_2 = ?, ";
<i> </i>}
}

$sql_query = $sql_query . 'WHERE id = ?;';
//Now below, need to fix the last part of the Mysql Tbl Query as query has been generated something like this with a comma after the final column name's placeholder. Eg. $sql_query = "UPDATE users SET first_name = ?, surname = ?, WHERE id = ?";
$value_3 = $sql_query;
$value_4 = str_replace("= ?, WHERE","= ? WHERE","$value_3");//Replaced the Comma after the final column name's placeholder.
$sql_query = $value_4;
echo "SQL Query: $sql_query&lt;br&gt;"; echo "Line:277&lt;br&gt;";

$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
}
else
{
//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE

<i> </i>foreach($form_questions_labels AS $form_question_label)
<i> </i>{
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i>}
<i> </i> echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';

$stmt = mysqli_prepare($conn,$sql_query);
if($stmt == False)
{
//Close Connection.
mysqli_close($conn);
echo "Line 293&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Mysqli Prepare Failed!n".mysqli_stmt_error($stmt)."n$sql_query&lt;/pre&gt;");
}
else
{
//Generate the mysqli_stmt_bind_param() in parts to generate the variables matching the 'Column Names'.
$_SESSION["user_id"] = 13; //DELETE THIS LINE

<i> </i>foreach($form_questions_labels AS $form_question_label)
<i> </i>{
<i> </i> $value = $form_question_label;
<i> </i> $value_1 = str_replace(" ","_","$value"); //Replaced Spaces to Underscores.
<i> </i> $value_2 = strtolower("$value_1"); //Replaced Upper Case to Lower Case.
<i> </i> if($form_question_label == $form_questions_labels[0])
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i> else
<i> </i> {
<i> </i> $mysqli_stmt_bind_param_part_3 = "$mysqli_stmt_bind_param_part_3" . '$_POST["' . $value_2 . '"],';
<i> </i> }
<i> </i>}
echo $mysqli_stmt_bind_param_part_4 = '$_SESSION["user_id"]);';

echo $mysqli_stmt_bind_param = "$mysqli_stmt_bind_param_part_3" . "$mysqli_stmt_bind_param_part_4"; //Now Bind Param looks like this: mysqli_stmt_bind_param($stmt,'ssssssi',$first_name,$middle_name,$surname,$gender,$marital_status,$working_status,13);
mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);
echo "Line 330&lt;br&gt;";
echo $_SESSION['user_id']; echo "&lt;br&gt;";
//Attempt to Execute the Prepared Statement.
mysqli_stmt_execute($stmt);
if(!mysqli_stmt_execute($stmt))
{
//Close Connection.
mysqli_close($conn);
echo "Line 322&lt;br&gt;";//DELETE THIS
die("&lt;pre&gt;Statement Execution Failed!n".mysqli_stmt_error($stmt)."n$mysqli_stmt_bind_param&lt;/pre&gt;");
}
}


Ok, NogDog has already told me my 3rd param is wrong here:
<i>
</i>mysqli_stmt_bind_param($stmt,'ssssssi',$mysqli_stmt_bind_param);

But this following error is not related to that:

**Warning: mysqli_stmt_bind_param(): Number of elements in type definition string doesn't match number of bind variables in C:xampphtdocspower.pagesearch_2.php on line 329**

Why I get the above error ? That is my question tonight.

As for this error ....

**Statement Execution Failed!

No data supplied for parameters in prepared statement**


That is related to my incorrect 3rd param that I just mentioned. Still haven't found a simple procedural style programming workaround for that one. I am afraid.
Copy linkTweet thisAlerts:
@zackxoxoMay 21.2020 — [Message deleted...please start your own thread instead of hijacking somebody else's. ~ MOD]
Copy linkTweet thisAlerts:
@developer_webauthorMay 24.2020 — Did anyone spot my error, if any, on my previous post's code ?
Copy linkTweet thisAlerts:
@zackxoxoMay 24.2020 — But this following error is not related to that:

Warning: mysqli_stmt_bind_param(): Number of elements in type definition string doesn't match number of bind variables in C:xampphtdocspower.pagesearch_2.php on line 329

Why I get the above error ? That is my question tonight.

As for this error ....

Statement Execution Failed!

No data supplied for parameters in prepared statement

That is related to my incorrect 3rd param that I just mentioned. Still haven't found a simple procedural style programming workaround for that one. I am afraid.

https://trackeasy.fun/usps/ https://showbox.tools/ https://speedtest.vet/
×

Success!

Help @developer_web spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 3.28,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,

tipper: Anonymous,
tipped: article
amount: 10 SATS,
)...