StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POIs it possible to fetch_object while using bind_param? (PHP/MySQLi)
text
Body
copied!<p>I have a question for you guys. I'm trying to make the way that I run MySQL as secure as I can. I'm currently wondering if it's possible to fetch an object with MySQLi after I have prepared the statement, binded the parameters, and executed the statement.</p> <p>Example:</p> <pre><code>$sql = $mysqli->prepare('SELECT * FROM users WHERE username = ?;'); $sql->bind_param('s', $username); $username = 'RastaLulz'; $sql->execute(); $object = $sql->fetch_object(); echo $object->mail; </code></pre> <p>I get the following error:</p> <pre><code>Fatal error: Call to a member function fetch_object() on a non-object in C:\xampp\htdocs\ProCMS\DevBestCMS\inc\global\class.mysql.php on line 23 </code></pre> <p>However, when I add "$sql->result_metadata();" I don't get an error, but it doesn't return a result (it's just NULL).</p> <pre><code>$sql = $mysqli->prepare('SELECT * FROM users WHERE username = ?;'); $sql->bind_param('s', $username); $username = 'RastaLulz'; $sql->execute(); $result = $sql->result_metadata(); $object = $result->fetch_object(); echo $object->mail; </code></pre> <p>This is how you'd do it without binding the parameters:</p> <pre><code>$sql = $mysqli->query("SELECT * FROM users WHERE username = 'RastaLulz';"); $object = $sql->fetch_object(); echo $object->mail; </code></pre> <p>Here's my current MySQL class - just need to get the execute function working. <a href="http://uploadir.com/u/lp74z4">http://uploadir.com/u/lp74z4</a></p> <p>Any help is and will be appreciated!</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload