doudou_3636 2014-04-07 20:06
浏览 615
已采纳

警告:mysqli_stmt_bind_param()期望参数1是mysqli_stmt,给定布尔值? [重复]

this is the first time ever that I am trying to secure my code against sql injection using mysqli prepared statement. so please be gentle and explain things in simple terms so I can understand it.

Now I am using the following code which I thought i was right but it throws these errors and I do not understand that at all.

here is the errors:

Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given in on line 92

Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in on line 93

Warning: mysqli_stmt_close() expects parameter 1 to be mysqli_stmt, boolean given in  on line 96

here is the code:

$stmt = mysqli_prepare(
    $db_conx,
    "INSERT $storenameTable (firstname, lastname, username, address_1, address_2, postcode,  country, county, city, email, password, storeShop, signupdate) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
);
//after validation, of course
mysqli_stmt_bind_param($stmt, "issi", $firstname, $lastname, $username, $address_1, $address_2, $postcode, $country, $county, $city, $email, $hashedPass, $storenameTable);
mysqli_stmt_execute($stmt);     <//<<<<<<<< line 92
if (mysqli_affected_rows($db_conx))     <//<<<<<<<< line 93
{
    mysqli_stmt_close($stmt);  <//<<<<<<<< line 96
    //update was successful
    $id = mysqli_insert_id($db_conx);
}

i would appreciate your help.

</div>
  • 写回答

2条回答 默认 最新

  • doz22551 2014-04-07 20:16
    关注

    It seems that you have a missing parameter, you should have 13 parameters and 13 ? check the two parameters after password. (I took out signupdate) try the below :

    $stmt = mysqli_prepare(
        $db_conx,
        "INSERT INTO $storenameTable (firstname, lastname, username, address_1, address_2, postcode,  country, county, city, email, password, storeShop) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
    );
    //after validation, of course
    mysqli_stmt_bind_param($stmt, "issi", $firstname, $lastname, $username, $address_1, $address_2, $postcode, $country, $county, $city, $email, $hashedPass, $storenameTable);
    mysqli_stmt_execute($stmt);     <//<<<<<<<< line 92
    if (mysqli_affected_rows($db_conx))     <//<<<<<<<< line 93
    {
        mysqli_stmt_close($stmt);  <//<<<<<<<< line 96
        //update was successful
        $id = mysqli_insert_id($db_conx);
    }
    

    You also can get more details on the last error by using var_dump(mysqli_error($db_conx));

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 为什么zynq CAN IP 无法进入config配置模式,XCan_SelfTest函数失效?
  • ¥15 Pycharm中程序直接运行可以但进入调试报错
  • ¥15 MATLAB动图问题
  • ¥15 有段代码不知道怎么理解,const isToken = (config.headers || {}).isToken === false
  • ¥15 我的显卡支持CUDA最高版本是12.3,这个版本也支持VS 2022 17.0这种情况下如果我想下载CUDA11.8,需要下载旧版本的VS2022吗
  • ¥100 采用栈和深度优先算法取消graphics库采用其他方式显示路径打印显示路径取消graphics库
  • ¥15 pointnet2包安装
  • ¥20 射频功率问题,解答者有酬谢!
  • ¥80 构建降雨和积水的预测模型
  • ¥15 #Qt Transform setTransform()在鼠标拖动移动视角是一致在原地不动,无法变换视角(细微观察似乎视图有在原地抖动),无法变换视角(细微观察似乎视图有在原地抖动)