I have a problem with producing a Register using my MySQLI Code. The tables/connection variable is matching up, and the correct variables being passed through the query is populated with expected strings, when running a query or prepare & execute when performing any type of query, I get returned with the following:
Fatal error: Call to a member function query() on a non-object in
/var/www/New/API/FormValidations.php on line 40
My code is as followed:
$Query = $STD->prepare("SELECT * FROM Users WHERE Username='$Username'");
$Query->execute();
$Number = $Query->num_rows;
if ($Number !== 0)
{
echo "Username Already In Use";
}
else
{
$Insert_User = $STD->prepare("INSERT INTO Users ('Username', 'Password') VALUES ('$Username', '$Password)");
$Insert_User->execute();
echo "Account Created!";
}
Here is My Connection Script:
$STD = new mysqli('localhost', 'root', 'xxxxx', 'SLMS');
$AccessCon = new mysqli('localhost', 'root', 'xxxxx', 'DBAccess');
if ($AccessCon->connect_error) {
die("Access Has Been Revoked. Please Contact Administration");
}
if ($STD->connect_error) {
die("Standard Access Has Been Revoked. Please Contact Administration");
}
and my SQL Table for Users:
CREATE TABLE IF NOT EXISTS `Users` (
`ID` int(255) NOT NULL AUTO_INCREMENT,
`Username` varchar(255) NOT NULL,
`Password` text NOT NULL,
PRIMARY KEY (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
I have tried commenting out all my query code, and running
$Query = $STD->query("SHOW TABLES");
$Results = $STD->fetch_array(MYSQLI_ASSOC);
this still returned an error, on my $Query variable.
I have also tried modifying my code to search for something that is already present in the database:
$Query = $STD->prepare("SELECT * FROM Users WHERE Username='Test'");
and tried to enclose my $Username As followed:
$Query = $STD->prepare("SELECT * FROM Users WHERE Username='{$Username}'");
This has performed No Success. I was wondering if someone could shed some light on this situation?
Edit:
Commenting out the entire script and just running:
$Query = $STD->query("SHOW TABLES");
$test = $Query->fetch_array(MYSQLI_ASSOC);
print_r($test);
Returns a result.
UPDATE:
I have modified my code to:
$Query = $STD->prepare("SELECT * FROM Users WHERE Username=?");
$Query->bind_param("s", $Username);
$Query->execute();
Final Update:
Fatal error: Call to a member function bind_param() on a non-object
in /var/www/New/Register.php on line 45
This is the new Error.
The offending lines:
$Insert_User = $STD->prepare("INSERT INTO Users ('Username', 'Password') VALUES (?, ?)");
$Insert_User->bind_param("ss", $Username, $Password);
$Insert_User->execute();
When using prepare you have to bind the varables that hold your values.
Example:
here is link to prepared statements
Update
this:
should be:
this:
should be:
this :
should be this: