2017-10-15 34 views
0
public function StoreUserInfo($sid, $name, $email, $password, $ktp, $gender) { 
    $hash = $this->hashFunction($password); 
    $encrypted_password = $hash["encrypted"]; 
    $salt = $hash["salt"]; 

    $stmt = $this->conn->prepare("UPDATE user SET name = $name , email = $email , encrypted_password = $encrypted_password , salt = $salt, ktp = $ktp , gender = $gender WHERE sid = '$sid'"); 
    $stmt->bind_param("sssssss", $sid, $name, $email, $encrypted_password, $salt, $ktp, $gender); 
    $result = $stmt->execute(); 
    $stmt->close(); 

    if ($result) { 
     $stmt = $this->conn->prepare("SELECT name, email, encrypted_password, salt, ktp, gender FROM user WHERE sid = $sid"); 
     $stmt->bind_param("s", $sid); 
     if ($stmt === FALSE) { 
     die($mysqli->error);} 
     $stmt->execute(); 
     $stmt-> bind_result($token1,$token2,$token3,$token4,$token5,$token6,$token7); 
     while ($stmt-> fetch()) { 
      $user["sid"] = $token1; 
      $user["name"] = $token2; 
      $user["email"] = $token3; 
      $user["ktp"] = $token6; 
      $user["gender"] = $token7; 
     } 
     $stmt->close(); 
     return $user; 
    } else { 
     $response["error"] = TRUE; 
     $response["error_msg"] = "Unknown error occurred in input!"; 
     echo json_encode($response); 
     return false; 
    } 
} 

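I have code like this, and it shows a fatal error, "Call to a member function bind_param() on boolean", in PHP while the input query string comes from an Android app.

Fatal error: Call to a member function bind_param() on boolean in line 7

Should I not use prepare() for the UPDATE?

But when I delete it, it shows the same error on line 13.

Then I need bind_param(), right?

What should I do?

By the way, my input is updated in the table, but I want to check it and return it if true.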

+0

You are not using the prepared query correctly: 'name = $name'? In the query you should put placeholders, not the variables directly. –

+0

You need to bind those variables instead of injecting them directly into the query string. – Qirel

+1

You can do some searching here: http://php.net/manual/en/pdostatement.bindparam.php –

Answers

1

You are using prepare/bind the wrong way...

The mysqli_ version, with unnamed placeholders:

$stmt = $this->conn->prepare('UPDATE user
    SET name = ?,
        email = ?,
        encrypted_password = ?,
        salt = ?,
        ktp = ?,
        gender = ?
    WHERE sid = ?');

// One "s" per placeholder, bound in the same order as the ? marks
$stmt->bind_param("sssssss",
    $name,
    $email,
    $encrypted_password,
    $salt,
    $ktp,
    $gender,
    $sid
);

$result = $stmt->execute();

The PDO one:

$stmt = $this->conn->prepare('UPDATE user
    SET name = :name,
        email = :email,
        encrypted_password = :encrypted_password,
        salt = :salt,
        ktp = :ktp,
        gender = :gender
    WHERE sid = :sid');
// $stmt->bind_param("sssssss", $sid, $name, $email, $encrypted_password, $salt, $ktp, $gender);
$result = $stmt->execute(array(
    ':name' => $name,
    ':email' => $email,
    ':encrypted_password' => $encrypted_password,
    ':salt' => $salt,
    ':ktp' => $ktp,
    ':gender' => $gender,
    ':sid' => $sid,
));
+0

'name =:?', would that work? – gregn3

+0

@gregn3 edited with the 'execute(array)' version ;) – Blag

+0

'$stmt->execute(', shouldn't it be '$stmt->execute(array(' instead? :) (I'm not sure, I haven't tried it) – gregn3
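
The failure and the fix from this thread as one runnable script, added here as an illustration and not code from the asker or the answerer. It assumes PDO with an in-memory SQLite database standing in for MySQL; prepareOrFail, storeUserInfo and all sample values are hypothetical.

```php
<?php
// Added example. In-memory SQLite through PDO stands in for the MySQL database;
// the table follows the question and every value below is constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT); // failures return false
$db->exec('CREATE TABLE user (sid TEXT PRIMARY KEY, name TEXT, email TEXT,
    encrypted_password TEXT, salt TEXT, ktp TEXT, gender TEXT)');
$db->exec("INSERT INTO user (sid) VALUES ('s-001')");

// Hypothetical helper: fail loudly instead of calling a method on false.
function prepareOrFail(PDO $db, string $sql): PDOStatement
{
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->errorInfo()[2]);
    }
    return $stmt;
}

function storeUserInfo(PDO $db, array $fields): array
{
    $update = prepareOrFail($db, 'UPDATE user
        SET name = :name, email = :email, encrypted_password = :encrypted_password,
            salt = :salt, ktp = :ktp, gender = :gender
        WHERE sid = :sid');
    if (!$update->execute($fields)) {
        throw new RuntimeException('update failed: ' . $update->errorInfo()[2]);
    }
    // Read back only the columns that are returned; sid is bound, not interpolated.
    $select = prepareOrFail($db,
        'SELECT sid, name, email, ktp, gender FROM user WHERE sid = :sid');
    $select->execute([':sid' => $fields[':sid']]);
    $row = $select->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        throw new RuntimeException('no user with that sid');
    }
    return $row;
}

// The question's pattern: a value pasted into the SQL text makes it unparsable,
// so prepare() returns false and the next method call on it is the fatal error.
$name = 'Budi Santoso';
$broken = $db->prepare("UPDATE user SET name = $name WHERE sid = 's-001'");
var_dump($broken === false);

// The same kind of data as bound parameters, including a quote character.
$user = storeUserInfo($db, [
    ':name' => "Budi O'Neil", ':email' => 'budi@example.test',
    ':encrypted_password' => 'constructed-hash', ':salt' => 'constructed-salt',
    ':ktp' => '0000000000000000', ':gender' => 'M', ':sid' => 's-001',
]);
print_r($user);
```

With mysqli the same check goes on the return value of `$this->conn->prepare(...)`, and the driver's message is in `$this->conn->error`.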
