[RESOLVED] Prepared Statement Error
Results 1 to 3 of 3

Thread: [RESOLVED] Prepared Statement Error

  1. #1
    Junior Member
    Join Date
    Mar 2010
    Posts
    23

    resolved [RESOLVED] Prepared Statement Error

    I'm trying to use prepared statements to retrieve user information from my DB. I want to be able to retrieve this information based one one of multiple columns (id, user_name, activation_token). But, I'm running into an error when I try to define which column to use. Here's the code:

    PHP Code:
    //Retrieve complete user information by username, token or ID
    function fetchUserDetails($username=NULL,$token=NULL$id=NULL)
    {
        global 
    $mysqli,$db_table_prefix
        
    $stmt $mysqli->prepare("SELECT 
            id,
            user_name,
            display_name,
            password,
            email,
            activation_token,
            last_activation_request,
            lost_password_request,
            active,
            title,
            sign_up_stamp,
            last_sign_in_stamp
            FROM "
    .$db_table_prefix."users
            WHERE
            ? = ?
            LIMIT 1"
    );
        if(
    $username!=NULL) {
            
    $stmt->bind_param("ss""user_name"$username);
        }
        elseif(
    $token!=NULL) {
            
    $column "activation_token";
            
    $stmt->bind_param("ss"$column$token);
        }
        elseif(
    $id!=NULL) {
            
    $column "id";
            
    $stmt->bind_param("ss"$column$id);
        }
        
        
    $stmt->execute();
        
    $stmt->bind_result($id$user$display$password$email$token$activationRequest$passwordRequest$active$title$signUp$signIn);
        while (
    $stmt->fetch()){
            
    $row = array('id' => $id'user_name' => $user'display_name' => $display'password' => $password'email' => $email'activation_token' => $token'last_activation_request' => $activationRequest'lost_password_request' => $passwordRequest'active' => $active'title' => $title'sign_up_stamp' => $signUp'last_sign_in_stamp' => $signIn);
        }
        
    $stmt->close();
        return (
    $row);

    As you can see, I'm trying two different methods here. In username, trying to bind the first parameter as a string. When I do this, I get the error:

    Fatal error: Cannot pass parameter 2 by reference
    In the second case, I'm assigning the column name "activation_token" to a variable, and then using that variable to bind the first paramete. When I do this, I get the error:

    Notice: Undefined variable: row
    As if there's no information in the DB with the token I'm defining, so it couldn't retrieve it... but there definitely is data there.

    Any help would be appreciated

  2. #2
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,390
    You can't use bound parameters to define column names (or any other identifier) - only values.

  3. #3
    Junior Member
    Join Date
    Mar 2010
    Posts
    23
    Oh, well that explains it.

    And as soon as you say that, I wonder why I was trying to instead of putting those if statements above the prepare, and defining the variables up there. It's not like the column is user defined...

    Thanks. I couldn't see the forest for the trees.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •