//function to add bm
function add_bm($new_url, $email)
{
$db = $this->dbm;
$this->new_url = $new_url;
$this->email = $email;
$sql = "select * from bookmark where email='$this->valid_user' and bm_URL='$this->new_url'";
if(!$stmt = $db->conn->query($sql))
{
echo "query failed: (" . $db->conn->errno . ") " .$db->conn->error;
}else{
//echo "can check";
//return true;
//row count
if($stmt->num_rows > 0){
echo "<b><br>Sorry ! <br> The URL had already been added . </b> ";
return false;
}else{
//return true;
// prepare and bind
$stmt = $db->conn->prepare("INSERT INTO bookmark (email, bm_URL,) VALUES (?,?)");
$stmt->bind_param("ss", $this->email, $this->new_url);
// set parameters and execute
if($stmt->execute()){
$stmt->close();
$db->conn->close();
return true;
}
}
}
}
Asked
Active
Viewed 37 times
-1
-
Look at [bind_param](http://php.net/manual/en/pdostatement.bindparam.php) – B001ᛦ Jul 27 '16 at 14:34
-
You have a syntax error in your prepared statement, and since you have absolutely no error handling and simply ASSUME that nothing coudl ever go wrong, you take the boolean false returned by the failed prepare and run, causing further chaos. – Marc B Jul 27 '16 at 14:35
-
Typo `bm_URL,`. You should be binding everywhere. – chris85 Jul 27 '16 at 14:38
1 Answers
0
When you do DB operations, check for errors before you proceed. Otherwise you get unexpected behaviors and puzzling errors such as this.
Your $stmt->bind_param isn't working because $stmt===false because the previous instruction errored.
if(!$stmt = $db->conn->prepare("INSERT INTO ...")){
//something went wrong. This shows the error but handle as appropriate
die($db->$conn->error);
}
//safe to continue
$stmt->bind_param(...)
BeetleJuice
- 39,516
- 19
- 105
- 165