Databases
StackOverflow2013
Postsdbo
POMySQLi Statement Not Working?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POMySQLi Statement Not Working?
    text
    copied!<p>The below query is not telling me the username already exists in database even thou it does.</p> <p>I am trying to learn how to bind parameters etc but have confused myself somewhere i think. <pre><code> // top.inc.php require_once($top_inc); ?&gt; &lt;!-- Meta start --&gt; &lt;title&gt;&lt;/title&gt; &lt;meta name="description" content="" /&gt; &lt;meta name="keywords" content="" /&gt; &lt;!-- Meta end --&gt; &lt;!-- CONTENT START --&gt; &lt;?php // sidebar.inc.php require_once($sidebar_inc); // main.inc.php require_once($main_inc); // check if form has been submitted if($_SERVER['REQUEST_METHOD'] == 'POST' &amp;&amp; isset($_POST['submit'])){ // initialize form errors array $error = array(); // fetch form data $username = $_POST['username']; $email = $_POST['email']; $password = $_POST['password']; // validate form data if(!preg_match(constant("USERNAME_REGEX"), $username)){ $error[] = "Please enter a username. Use 3 to 15 digits and letters"; } if(!preg_match(constant('PASSWORD_REGEX'), $password)){ $error[] = "Please enter a password. Minimum of 6 characters required"; } if(!empty($password) &amp;&amp; $password == $username){ $error[] = "Your pasword cannot be you username for security reasons"; } if(empty($email)){ $error[] = "Please enter your email address"; } if(!empty($email) &amp;&amp; !filter_var($email, FILTER_VALIDATE_EMAIL)){ $error[] = "Your email address is not valid"; } // connect to database sql_con(); // Get instance of statement $stmt = mysqli_stmt_init($connect); // sql statement $UserExists = " SELECT `user_login` FROM `users` WHERE `user_login` = ? "; // prepare sql statement for execution if (mysqli_stmt_prepare($stmt, $UserExists)) { // bind parameters [s for string] mysqli_stmt_bind_param($stmt, "s", $username) or die(mysqli_stmt_error()); // execute statement mysqli_stmt_execute($stmt) or die(mysqli_stmt_error()); // check if username is found if(mysqli_stmt_num_rows($stmt) &gt; 0 ){ $error[] = 'The username you have choose has already been taken'; } } // If errors found display errors if(!empty($error)){ foreach($error as $msg){ echo "$msg &lt;br /&gt;"; } } else { echo 'My Query Worked!'; } } // signup.tpl template location $tpl = 'inc/tpl/signup.tpl'; // load signup form template PageContentTemplate($tpl); ?&gt; &lt;!-- CONTENT FINISH --&gt; &lt;?php // footer.inc.php require_once($footer_inc); ?&gt; </code></pre> <p>Basically it just echos out 'My Query Worked' even thou it should say the username is already taken which it is, i enter details on form and a username i know that has been taken and submit form, i know i am doing something probably really silly but being new to mysqli and binding parameters etc i don't know where i am going wrong even thou i have looked at some examples.</p> <p>To be honest i am not sure if this is the best way to do it in procedural style, i don't know PDO/OOP, my main reason to change is to avoid sql injection by using placeholders etc in my queries.</p> <p>Thanks!</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload