-1

Having a bit of trouble with this PHP MYSQLi script - Whenever I run the function, I always get a return value of 0, even though I have satisfied the conditions to return another value. It appears my code is failing to collect data from the table, however I can't work out why. Here's my code:

function updatePassword($username, $oldPass, $newPass, $newPassConf, $mysqli){
    if($stmt = $mysqli->prepare("SELECT password FROM members WHERE email = ?")){
        $username = 'user'; //Temp value just to test the statement
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($dbOldPass);
        $stmt->fetch();

    }
    else{
        return 0; // Failed to retrieve pw from DB
    }
    if($dbOldPass == $oldPass){
        if($newPass == $newPassConf){
            if($stmt = $mysqli->prepare('UPDATE members SET password=? WHERE username=?')){
                $stmt->bind_param('ss', $newPass, $username);
                $stmt->execute();
                return 1; // Success
            }
        }else{
            return 2; // Password and PW confirmation are wrong
        }
    }
}

Thanks in advance for any help you may be able to give!

Liton12
  • 11
  • 4
  • Looks like `$mysqli->prepare()` is failing. Did you connect it correctly? – Praveen Kumar Purushothaman Oct 17 '16 at 18:50
  • 1
    @Praveen-Kumar Hi, I believe so - I've used the same $mysqli variable in many other functions and it has connected just fine. I tried copying and pasting code performing a similar job from other functions in my code, however I still get the same error. – Liton12 Oct 17 '16 at 18:53
  • error reporting, use that. Your query failed and you need to find out why. That and `mysqli_error()` on the query. – Funk Forty Niner Oct 17 '16 at 18:58

1 Answers1

-1

In your case, the return code 0 indicates that it could not create a prepared statement.

So, either your $mysqli object is not properly connected (try checking $mysqli->error) or you are running into the common mistake of comparing a resource with false in which case, try using:

if( ($stmt = $mysqli->prepare("SELECT password FROM members WHERE email = ?")) !== FALSE )
Simon
  • 2,353
  • 1
  • 13
  • 28
  • Hi, thanks for the ideas. It appears that absolutely everything to do with MySQL on my site has just been nuked and no longer works - gonna have to look into this as there is clearly a sudden connection issue, – Liton12 Oct 17 '16 at 19:09