Asked  1 Year ago    Answers:  5   Viewed   9 times

I have a simple login system protection mechanism by recording the user's IP, failed attempt number and last attempt time to a MySQL database table named bannedusers. However when I attempt to use the following code below to insert a new entry into the database the execute() function returns false and fails to execute.

Code as follows:

private $con;

function updateTable($IP, $attempt, $exists){
    $time = time();

    //The following statement is actually in the constructor, moved here for completeness
    $this->con = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME); //All these constants are predefined and verified to be correct.

        return true; //If there is a connection error, just let the user log in... We'll deal with this later

    //Another function already determines if the entry exists or not.
        //ip, retrycount, attempttime are the name of the fields. IP is a 40-char wide VARHCAR, retrycount is a tinyint and attempttime is a big int.
        $query = "INSERT INTO bannedusers (ip, retrycount, attempttime) VALUES (?,?,?)";

        if($stmt = $this->con->prepare($query)){

            //This following statement executes without throwing errors and returns true.
            $stmt->bind_param('sii', $IP, $attempt, $time);

            $successful = $stmt->execute();

                //Causes a small dialog to appear telling you the query failed.
                echo "<script type='text/javascript'>alert('Failed query!');</script>";
        //Unrelated code omitted.

I'm rather new to php and MySQL and through research I have found that the SQL syntax apparently needs quotation marks around the fields for the VALUE section of the query like:

$query = "INSERT INTO bannedusers (ip, retrycount, attempttime) VALUES ('?','?','?')";

but I have found here that it actually stops the query from working (still tried it and got a error on bind_param()). I've tried changing the type to 'sii' or 'sss' or 'ssi' all which resulted in the query failing. I've tried adding a semicolon at the end of the SQL query but that changed nothing. In all cases the "failed query!" dialog box pops up with no other error (except the one mentioned above give I use quotation marks around the VALUES fields.

Any help is appreciated.


It turned out that $ip was somehow null before being passed into the function which only causes a error if the MySQL error level is raised to MYSQLI_REPORT_ALL.



Either set mysqli into Exception mode


or always check the result of every mysqli operation and throw mysqli error manually:

$result = $stmt->execute();
if (!$result) {
    throw new Exception($mysqli->error);

this is the only way to know what's wrong with your execute();

I have found that the SQL syntax apparently needs quotation marks around the fields for the VALUE

Of course it is wrong. SQL syntax apparently needs quotation marks around strings only.

Saturday, May 29, 2021

I'm copying the solution into this answer so this can be given an upvote, otherwise the question will appear in the "unanswered questions" forever. I'm marking this answer CW so I won't get any points.

@Andrew E. says:

I just turned on mysqli_report(MYSQLI_REPORT_ALL) to get a better understanding of what was going on - turns out that one of my field names was incorrect - you'd think that prepare() would throw an exception, but it fails silently.

Thursday, April 1, 2021

There could be a few problems here...

1. explode()

First, your explode() may not work if your $row1["offimage"] string doesn't have asterisks * between the file names. In a reply comment to the OP you've given us an example of the contents of $row1["offimage"], which does NOT separate each PNG file by an asterisk *:

@lolka_bolka i get this outout, uploads/c376437e2a45598b2f4d89eae4f191e8.pnguploads/c376437e2a45598b2f4d89eae4f??191e8.png8069756be5095978123ae51fadbffe3b.pnguploads/c376437e2a45598b2f4d89eae4f??191e8.png8069756be5095978123ae51fadbffe3b.png04aaa414c21dc057bc594b896124068e.png 
–  user3732711 Dec 16 '14 at 12:24 

For your script to work as you've written it, we would expect to see, for example, your $row1["offimage"] string looking like this, with an asterisk * separating each PNG file name (with it's directory path):


2. DIV class 'item'

As "Dan Soap" & "Rohit the developer" have answered here, for carousel to work, you need to make sure each image is wrapped in its own item class.

Your code above has echo"<div class='item'>"; before the while loop.

echo"<div class='item'>"; should be INSIDE the while loop - more specifically it should be inside your foreach loop - so that each image in the carousel is wrapped with the item class.

And don't forget, the item or image you wish to have shown first (on load) should have active class too, as well as the item class, as such: <div class="item active">.

3. JavaScript

You haven't included any JavaScript for us to look at... without calling the carousel() function, nothing will happen, only one (static) image will show. You may need something like this:

    interval: 3000

Hopefully one / some / all of these can help get your carousel up and running! :)

Thursday, April 1, 2021

Before second usage mysqli::prepare() you must either free mysqli result or close current mysqli statement:

//do sth with the data

$mysqli->free(); // or $stmt->close();

$query = "SELECT * FROM answers WHERE question_id = ?";
$stmt  = $mysqli->prepare($query);
Saturday, May 29, 2021

row is an associative array with an entry for every column in the result set. Since there's only one column there, count($row) returns 1. Instead, you should just access the only column there:

$row = $results->fetch_assoc();
$recordCount = $row["COUNT(id)"];
Saturday, May 29, 2021
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :