PHP Signup form, Passing multi line MySql query

Question

I was trying to understand how signup forms work, came across this. Got stuck at passing Sql queries through prepare()

<?php include 'connectdb.php';
 if(isset($_POST['username'])){
 $username=$_POST['username'];
 } 
 if (isset($_POST['password'])) {

$password=$_POST['password']; 
}
 if (isset($_POST['email'])) {
$email=$_POST['email'];
} 
 if (isset($_POST['firstname'])) {
$firstname=$_POST['firstname'];
} 
if (isset($_POST['lastname'])) { 
 $lastname=$_POST['lastname'];
}                                                                                   
    if(isset($_POST['birthday_day'])
     &&isset($_POST['birthday_month']) 
    &&isset($_POST['birthday_year'])){
   $dob =  $_POST['birthday_year']."-".$_POST['birthday_month']."- ".$_POST['birthday_day'];
} 
$sex = "F"; /*Temporarliy passing!*/ 
$sqlCombined = "INSERT INTO `login` (username, password) VALUES (?,?);   INSERT INTO `userdata` (username,dob,firstname,lastname,email,sex) VALUES (?,?,?,?,?,?)";
$stmt = $db-> prepare($sqlCombined);
$stmt -> bind_param('ssssssss', $username,$password,$username,$dob,$firstname,$lastname,$email,$sex);
$stmt -> execute();
$stmt -> close(); header("location: login.php"); ?>

Error Log:

Fatal error: Uncaught Error: Call to a member function bind_param() on boolean in C:\xampp\htdocs\puddleweb\signup.php:67 Stack trace: #0 {main} thrown in C:\xampp\htdocs\puddleweb\signup.php on line 67

Do you understand what's written in your code with this awful formatting? — u_mulder, Aug 23 '16 at 13:31
You might want to log errors and add that to the question so we understand what is going on. You can't really expect us to try this ourselves to help you out! :) — theabhinavdas, Aug 23 '16 at 13:39
you are confuzzling multi_query and params. Start with single queries and have that password hashed. I have 2 examples of user registration with hash off my profile page. One for pdo and one for `mysqli` . If you run into problems please ask. — Drew, Aug 23 '16 at 13:49
Please add problem, expected and actual result. Also take a look stack overview formatting to look and understand better for others. — Jitesh Sojitra, Aug 23 '16 at 15:22
Fatal error: Uncaught Error: Call to a member function bind_param() on boolean in C:\xampp\htdocs\puddleweb\signup.php:67 Stack trace: #0 {main} thrown in C:\xampp\htdocs\puddleweb\signup.php on line 67 — Rishabh Yadav, Aug 23 '16 at 16:27

score 0 · Accepted Answer · edited May 23 '17 at 10:29

0

There is an issue with the query statement. See here. the prepare() function returns a boolean result. true if the statement succeeds and false if there is an error in the query. After the semicolon in a SQL statement, the query is finished, you cannot combine the statements like this. You need to break up these SQL queries. like this:

$stmtUser = prepare("INSERT INTO userdata (username,dob,firstname,lastname,email,sex) VALUES (?,?,?,?,?,?)");

$stmtLogin = prepare("INSERT INTO login (username, password) VALUES (?,?)");

Similar to this.

You will also have to create two bind_param statements using the two statement variables that we built ($stmtUser and $stmtLogin)

Hope this helps.

This Post may help you troubleshoot as well.

edited May 23 '17 at 10:29

Community

1
1

answered Aug 23 '16 at 17:15

xec86

1,166
1
10
17

I dont see anything immediately wrong with that statement but without having the variable assignments and statements on separate lines it makes it difficult to read. Is it working? If not, please post updated error log entries for the webserver – xec86 Aug 23 '16 at 19:01
$sqlLogin = "INSERT INTO `login` (username, password) VALUES (?,?)"; $sqlUserdata = "INSERT INTO `userdata` (username,dob,firstname,lastname,email,sex) VALUES (?,?,?,?,?,?)"; $stmt = $db-> prepare($sqlLogin); $stmt -> bind_param('ss', $username,$password); $stmt -> execute(); $stmt -> close(); $udStmt = $db ->prepare($sqlUserdata); $udStmt-> bind_param('ssssss',$username,$dob,$firstname,$lastname,$email,$sex); $udStmt->execute(); $udStmt->close(); header("location: login.php"); ; /*This Seems to be working, but partially, Userdata table is not updating */ – Rishabh Yadav Aug 23 '16 at 19:03
Login table gets updated, but the userdata table doesn't get a single value. – Rishabh Yadav Aug 23 '16 at 19:07
No errors. Just gets redirected to login.php. I checked phpmyadmin, Login table had username and password, userdata table was empty. – Rishabh Yadav Aug 24 '16 at 00:22

PHP Signup form, Passing multi line MySql query

1 Answers1