Home/ Questions/Q 4056774
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T14:52:10+00:00

I have a question for you guys. I’m trying to make the way that

  • 0

I have a question for you guys. I’m trying to make the way that I run MySQL as secure as I can. I’m currently wondering if it’s possible to fetch an object with MySQLi after I have prepared the statement, binded the parameters, and executed the statement.

Example:

$sql = $mysqli->prepare('SELECT * FROM users WHERE username = ?;');
$sql->bind_param('s', $username);

$username = 'RastaLulz';

$sql->execute();
$object = $sql->fetch_object();
echo $object->mail;

I get the following error:

Fatal error: Call to a member function fetch_object() on a non-object in C:\xampp\htdocs\ProCMS\DevBestCMS\inc\global\class.mysql.php on line 23

However, when I add “$sql->result_metadata();” I don’t get an error, but it doesn’t return a result (it’s just NULL).

$sql = $mysqli->prepare('SELECT * FROM users WHERE username = ?;');
$sql->bind_param('s', $username);

$username = 'RastaLulz';

$sql->execute();
$result = $sql->result_metadata();
$object = $result->fetch_object();
echo $object->mail;

This is how you’d do it without binding the parameters:

$sql = $mysqli->query("SELECT * FROM users WHERE username = 'RastaLulz';");
$object = $sql->fetch_object();
echo $object->mail;

Here’s my current MySQL class – just need to get the execute function working.
http://uploadir.com/u/lp74z4

Any help is and will be appreciated!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I just dug around in my Database class and this is how I do it. Honestly I don’t remember why I needed to do it this way and there might be a much better way. But if it helps you here is the code. I do vaguely remember being irritated about there not being a simple way to get your results as an object.

    
// returns an array of objects
public function stmtFetchObject(){

    $rows=array(); //init

    // bind results to named array
    $meta = $this->stmt->result_metadata();
    $fields = $meta->fetch_fields();

    foreach($fields as $field) {
            $result[$field->name] = "";
            $resultArray[$field->name] = &$result[$field->name];
    }

    call_user_func_array(array($this->stmt, 'bind_result'), $resultArray);

    // create object of results and array of objects
    while($this->stmt->fetch()) {
            $resultObject = new stdClass();

            foreach ($resultArray as $key => $value) {
                $resultObject->$key = $value;
            }

            $rows[] = $resultObject;
    }

    return $rows;
}
    • 0