Databases
StackOverflow2013
Postsdbo
POMySQL prepared statement returns false
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POMySQL prepared statement returns false
    text
    copied!<p>I have the following <strong>working</strong> MySQL insert:</p> <pre><code>$tableSelect = $_POST["tableSelect"]; $companyName = $_POST["companyName"]; $telephone = $_POST["telephone"]; $fax = $_POST["fax"]; $email = $_POST["email"]; $address = $_POST["address"]; $postcode = $_POST["postcode"]; $category = $_POST["category"]; $contact = $_POST["contact"]; $contactTel = $_POST["contactTel"]; $contactEmail = $_POST["contactEmail"]; $sql = "INSERT INTO $tableSelect (companyName,telephone,fax,email,address,postcode,category,contact,contactTel, contactEmail) VALUES ('$companyName','$telephone','$fax','$email','$address','$postcode','$category', '$contact','$contactTel','$contactEmail');"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } </code></pre> <p>However, I've tried to change this into a prepared statement to protect myself from injection, like so:</p> <pre><code>$stmt = $con-&gt;prepare("INSERT INTO suppliers (companyName,telephone,fax,email,address,postcode, category,contact,contactTel,contactEmail) VALUES(:companyName, :telephone, :fax, :email, :address, :postcode, :category, :contact, :contactTel, :contactEmail);"); if ($stmt !== FALSE) { $stmt-&gt;bindParam(':companyName',$companyName); $stmt-&gt;bindParam(':telephone',$telephone); $stmt-&gt;bindParam(':fax',$fax); $stmt-&gt;bindParam(':email',$email); $stmt-&gt;bindParam(':address',$address); $stmt-&gt;bindParam(':postcode',$postcode); $stmt-&gt;bindParam(':category',$category); $stmt-&gt;bindParam(':contact',$contact); $stmt-&gt;bindParam(':contactTel',$contactTel); $stmt-&gt;bindParam(':contactEmail',$contactEmail); $companyName = $_POST["companyName"]; $telephone = $_POST["telephone"]; $fax = $_POST["fax"]; $email = $_POST["email"]; $address = $_POST["address"]; $postcode = $_POST["postcode"]; $category = $_POST["category"]; $contact = $_POST["contact"]; $contactTel = $_POST["contactTel"]; $contactEmail = $_POST["contactEmail"]; $stmt-&gt;execute(); } else { echo "Could not connect"; } </code></pre> <p>Every time I run it, <code>$stmt</code> returns false. It's the first time I've used prepared statements and I'm fairly new to MySQL so some pointers would be greatly appreciated.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload