0

I am trying to explode() the $_GET['tri'] variable value (localhost/index.php?tri=*POST BUS*2017-09-01*13:00:00*NDOLA*lusaka*MWILA KAUNDA*0963454336*) and then directly write the explode values to the DB.

Here is the code: 

function x(){
    $Conn = new mysqli('127.0.0.1','root','','app');
    //connect
    if (!$Conn->connect_error) {
        //query
        $query = "INSERT INTO POST_BUS (service, day, time, from, to, name, phone) VALUES(?, ?, ?, ?, ?, ?, ?)";
        //prepare stmt
        $stmt = $Conn->prepare($query);
        //explode tri
        $expl = explode('*', $_GET['tri']);
        //categorise
        $service = "$expl[1]";
        $day = "$expl[2]";
        $time = "$expl[3]";
        $from = "$expl[4]";
        $to = "$expl[5]";
        $name = "$expl[6]";
        $phone = "$expl[7]";
        //dispatch tri
        $stmt->bind_param('sssssss','".$service."','".$day."','".$time."','".$from."','".$to."','".$name."','".$phone."');
        //exe
        if ($stmt->execute()) {
            print('success!');
        }
        else{
            die('error');
        }
    }
    else{
        print('try later!!!');
    }
}

i'm getting this error:

Fatal error: Uncaught Error: Call to a member function bind_param() on boolean in C:\xampp\htdocs\index.php:29 Stack trace: #0 C:\xampp\htdocs\index.php(43): x() #1 {main} thrown in C:\xampp\htdocs\index.php on line 29

Where am I going wrong?

Wasi Ahmad
  • 35,739
  • 32
  • 114
  • 161
Bool
  • 53
  • 6

1 Answers1

1
$query = "INSERT INTO POST_BUS(service, day, time, `from`, `to`, name, phone) VALUES(?, ?, ?, ?, ?, ?, ?);";
    //prepare stmt
    $stmt = $Conn->prepare($query);
    if (!$stmt) {
       die($Conn->error);
    }

from and to are reserved words and should be quoted. for a complete list of reserved words in mysql please visit the following link

blackxel
  • 196
  • 1
  • 8