0

This is the first time I have ever used Mysqli, so when it comes to adding information in the database I am a little lost. Here is the script that I have.

<?php
include("config.php");

$username = $_POST['username'];
$password = $_POST['password'];
$passcheck = $_POST['password-check'];
$email = $_POST['email'];
$address = $_POST['address'];
$suite = $_POST['apt'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$passcrypt = md5($passcheck);

if($_POST['submit']){
$stmt = $db->prepare("SELECT * FROM `accounts` WHERE `username`= ?");
$stmt->bind_param('s', $username);
$stmt->execute();
if($stmt->num_rows != 0){
$final_report = "That username already exists.";
}
if($password <> $passcheck){
$final_report = "Your passwords do not match";
}
if($final_report == NULL){
$stmt = $db->prepare("INSERT INTO `accounts` (`email`, `username`, `password`, `address`, `city`, `state`, `zip`) VALUES (?, ?, ?, ?, ?, ?, ?)");
if (false === $stmt) {
    var_dump($db->error);
}
$stmt->bind_param('sssssss',$email, $username, $passcrypt, $address, $city, $state, $zip);
$stmt->execute();
}
$stmt->close();
}
?>
<form method="POST" action="">
<?php
if($final_report != NULL){
print"{$final_report}";
}
?>
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td>Repeat Password:</td>
<td><input type="password" name="password-check" /></td>
</tr>
<tr>
<td>E-Mail:</td>
<td><input type="text" name="email" /></td>
</tr>
<tr>
<td>Address:</td>
<td><input type="text" name="address" /></td>
</tr>
<tr>
<td>Apt #/Suite:</td>
<td><input type="text" name="apt" /></td>
</tr>
<tr>
<td>City:</td>
<td><input type="text" name="city" /></td>
</tr>
<tr>
<td>State:</td>
<td><input type="text" name="state" /></td>
</tr>
<tr>
<td>Zip Code:</td>
<td><input type="text" name="zip" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Submit" /></td>
</tr>
</table>
</form>

and these are the errors I am returning once the page is submitted. Notice: Undefined variable: final_report in C:\xampp\htdocs\gptcode\signup.php on line 25

string(0) ""

Fatal error: Call to a member function bind_param() on a non-object in C:\xampp\htdocs\gptcode\signup.php on line 30

I am not worried about the notice obviously, but the vardump() is showing nothing so I am not sure what is causing the error for bind_param() I have triple checked table and column names. If the code here is right then my question is, if the actual table has more values and columns in which are listed will it produce such an error, because I did not include all of the columns in the prepare statement?

kira423
  • 325
  • 1
  • 5
  • 26
  • possible duplicate of [Reference - What does this error mean in PHP?](http://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php) – Ja͢ck Apr 22 '14 at 02:37

1 Answers1

2

an undefinied var is not NULL use isset($varname)

if you use PDO its bindParam not bind_param

why bind the params in the first place if you use them only once, give an array to execute():

$stmt = $db->prepare("INSERT INTO `accounts` (`email`, `username`, `password`, `address`, `city`, `state`, `zip`) VALUES (:email, :username, :password, :address, :city, :state, :zip)");

$stmt->execute(array(
  ':email' => $mail,
  ':username' => $username,
.... and so on.
));
Rufinus
  • 29,200
  • 6
  • 68
  • 84
  • I am using Mysqli, i assumed it would be an easier start than PDO. – kira423 Nov 05 '12 at 02:44
  • the only real difference is, with pdo you can use deferent databases. syntax is almost the same. – Rufinus Nov 05 '12 at 02:46
  • I knew its not limited to just Mysql like mysqli is, I am just so used to the old mysql_query and such I didn't know where to start. If I can't solve this issue whilst using mysqli I will change to PDO and see how it goes with your suggestion. – kira423 Nov 05 '12 at 02:49