发送的mysqli_stmt_prepare()值为null

时间:2019-03-01 03:43:05

标签: php mysqli

所以我在这里有以下PHP代码:

mysqli_stmt_bind_param($stmt,"s",$username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if($resultCheck > 0)
{
   header("Location: ../signup.php?error=userTaken&u&mail=".$email);
   exit();
}
else
{
   $sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (?,?,?)";
   $stmt = mysqli_stmt_init($conn);
   if(!mysqli_stmt_prepare($stmt,$sql))
   {
       header("Location: ../signup.php?error=sqlerror");
       exit();
   }
   else
   {
       $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
       mysqli_stmt_bind_param($stmt,"sss",$username,$email,$hashedPwd);
       $bp = $stmt->execute();
       if ( false===$bp )
       {
           die('Error with execute: ' . htmlspecialchars($stmt->error));
       }
       header("Location: ../signup.php?signup=success");
       exit();
    }
}

出现错误:

Error with execute: Column 'uidUsers' cannot be null.

无论我尝试了什么,准备好的语句都不起作用。但是,如果我使用

$sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (' ',' ',' ')"
if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}  

并且仅插入数据而不对其进行消毒即可。

2 个答案:

答案 0 :(得分:0)

if(!mysqli_stmt_prepare($stmt,$sql))语句中,您正在执行没有绑定参数的$sql查询。也就是说,您执行prepare 1st,然后使用bind

使用以下代码:

$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (?,?,?)";
$stmt = mysqli_stmt_init($conn);
mysqli_stmt_prepare($stmt,$sql);
mysqli_stmt_bind_param($stmt,"sss",$username,$email,$hashedPwd);

if (mysqli_stmt_execute($stmt))
{
   mysqli_stmt_store_result($stmt);
   if(mysqli_stmt_num_rows($stmt)>0) //check num rows ie user is available or not
   {
      header("Location: ../signup.php?signup=success"); //user available
      exit();
   }
   else
   {
      header("Location: ../signup.php?error=sqlerror"); //user is not available
      exit();
   }

}
else
{
   die('Error with execute: ' . htmlspecialchars($stmt->error));  //Query execution error
}

答案 1 :(得分:0)

所以我的PHP版本太旧了,不支持该功能,因此我将其设置为PHP 7.3,现在代码可以正常工作了。