#1
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    667
    Rep Power
    6

    MySQL query. Anyone see something wrong?


    I pretty much copied this from another function that works just great. The MySQL query works just fine when run via PHPMyAdmin. I can't get the echo's or anything to print, so I feel this isn't ever running. I even broke it down to a page that has db info typed straight in with this, and no success. Anyone see something wrong/missing?

    PHP Code:
     $q "msanchez";
       
      
    $statement $link->prepare("SELECT `Department`, `Manager` FROM `userpass` WHERE `Username` = '?'");
      
    $statement->bind_param('s'$q);
      
    $statement->execute();
      
    $statement->bind_result($col1,$col2);
      while (
    $statement->fetch()) {
        echo 
    'col1: ' $col1 '<br />';
        echo 
    'col2: ' $col2 '<br />';
        
    $var['department'] = $col1;
        
    $var['manager'] = $col2;
      }
      
    $statement->close(); 

    EDIT: And even if I toss an echo between each line to see if it maybe makes it so far, then stops, but every echo in that sense prints just fine. :-/
    Last edited by Triple_Nothing; April 2nd, 2013 at 01:10 PM.
  2. #2
  3. Come play with me!
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,756
    Rep Power
    9397
    When you're using prepared statements, don't put quotes around string values: PDO and MySQL will take care of that for you.
    PHP Code:
    "SELECT `Department`, `Manager` FROM `userpass` WHERE `Username` = ?" 
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,930
    Rep Power
    1045
    Hi,

    MySQLi doesn't do error reporting by default -- just like the old extension. You have to "manually" fetch the error message from the error property.

    But you can easily get MySQLi to generate errors or throw exceptions via the mysqli_driver class:

    PHP Code:
    // have MySQLi throw exceptions in case of query errors (default: stay silent)
    $mysqli_driver = new mysqli_driver();
    $mysqli_driver->report_mode MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT;

    $database = new mysqli('localhost''root''''test');

    $res $database->query('this is meant to fail'); 
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    667
    Rep Power
    6
    In response to requinix: I originally didn't have quotes around it, but just tossed them there as a shot at something. *shrugz*

    In response to Jacqes1: I added your mentioned lines, but get no error. :-/


    Wow. This is lovely, and I hate the rare occasion when this happens... I went and removed my echos n cleaned up my lines to take another stab at this from the begnning, and, well, it works. Bleh.

    And, for the sake of it, here's my final code, if anyone just happens to see a reason the first faults, but not the second.. *shrugz*
    PHP Code:
      include('../../includes/db.php');
      
      
    $q $_GET['q'];
       
      
    $statement $link->prepare("SELECT `Department`, `Manager` FROM `userpass` WHERE `Username` = ?");
      
    $statement->bind_param('s'$q);
      
    $statement->execute();
      
    $statement->bind_result($col1,$col2);
      while (
    $statement->fetch()) {
        
    $var['department'] = $col1;
        
    $var['manager'] = $col2;
      }
      
    $statement->close();
      
      echo 
    '                                <TR>
                                      <TD style="text-align: right;"><H3>Department:&nbsp;</H3></TD>
                                      <TD colspan="2">
                                        <INPUT type="text" name="dept" value="' 
    $var['department'] . '" disabled />
                                      </TD>
                                    </TR>
                                    <TR>
                                      <TD style="text-align: right;"><H3>Manager:&nbsp;</H3></TD>
                                      <TD colspan="2">
                                        <INPUT type="text" name="mgr" value="' 
    $var['manager'] . '" disabled />
                                      </TD>
                                    </TR>'

    Last edited by Triple_Nothing; April 2nd, 2013 at 03:56 PM.

IMN logo majestic logo threadwatch logo seochat tools logo