T_OBJECT_OPERATOR while trying to insert data into mySQL data

Question

trying to input code into the sqldatabase...what am i missing in here? Parse error: syntax error, unexpected T_OBJECT_OPERATOR

<?php
$name = "";
$email = "";
$msg_to_user = "";
if ($_POST['name'] != "") {

    require_once("storescripts/connect_to_mysqli.php");

    // Be sure to filter this data to deter SQL injection, filter before querying database
    $name = $_POST['name'];
    $email = $_POST['email'];
    $sqlCommand = "SELECT * FROM newsletter WHERE email='$email'";
    $sql = mysqli_query($myConnection,$sqlCommand);
    $numRows = mysqli_num_rows($sql);
        if (!$email) {

        $msg_to_user = '<br /><br /><h4><font color="FF0000">Please type an email address ' . $name . '.</font></h4>';
    } else if ($numRows > 0) {
        $msg_to_user = '<br /><br /><h4><font color="FF0000">' . $email . ' is already in the system.</font></h4>';

    } else {
        $sqlCommand="INSERT INTO newsletter (name, email, dateTime)                                                     VALUES(?,?,NOW() )";
$stmt= $myConnection->prepare($sqlCommand);
$stmt=->bind_param('ss',$name,$email);
$stmt->execute();
    $msg_to_user = '<br /><br /><h4><font color="0066FF">Thanks ' . $name . ', you have been added successfully.</font></h4>';
        $name = "";
        $email = "";
    }
}
?>

score 2 · Accepted Answer · edited May 23 '17 at 12:05

2

You have this code:

$stmt=->bind_param('ss',$name,$email);

It should be this:

$stmt->bind_param('ss',$name,$email);

Further (unrelated) advice:

Fix your SQL injection vulnerabilities by using parameterized queries. See How can I prevent SQL injection in PHP?
Correctly and consistently indent your code to prevent unreadability.

edited May 23 '17 at 12:05

Community

1
1

answered Aug 15 '13 at 12:01

thanks, always miss little thing...tire job to try to code whole day long >. – Philip Tiong Aug 15 '13 at 12:05

T_OBJECT_OPERATOR while trying to insert data into mySQL data

1 Answers1