PHP Returns Error Code 500. Where is the Error?

Question

I have an android app that uses a StringRequest to log a user in. I recently changed some PHP code, and it is now returning a Server Error 500. (I know what the error means) Unfortunately, I cannot find the error.

My PHP code:

<?php
    require("password.php");

    $con = mysqli_connect("mywebsite.com", "username", "password", "dbname");

    $username = $_POST["username"];
    $password = $_POST["password"];

    $statement = mysqli_prepare($con, "SELECT * FROM user WHERE username = ?");
    mysqli_stmt_bind_param($statement, "s", $username);
    mysqli_stmt_execute($statement);
    mysqli_stmt_store_result($statement);
    mysqli_stmt_bind_result($statement, $colUserID, $colName, $colUsername, $colTheme, $colEmail, $colDefaultRadius, $colPassword, $timeElapsed1, $timeElapsed2, $timeElapsed3, $timeElapsed4, $timeElapsed5, $timeElapsed6, $timeElapsed7);

    $response = array();
    $response["success"] = false;

    while(mysqli_stmt_fetch($statement)){
        if (password_verify($password, $colPassword)) {
            $response["success"] = true;  
            $response["name"] = $colName;
            $response["user_id"] = $colUserID;
            $response["theme"] = $colTheme;
            $response["email"] = $colEmail;
            $response["radius"] = $colDefaultRadius;
            $response["timeElapsed1"] = $timeElapsed1;
            $response["timeElapsed2"] = $timeElapsed2;
            $response["timeElapsed3"] = $timeElapsed3;
            $response["timeElapsed4"] = $timeElapsed4;
            $response["timeElapsed5"] = $timeElapsed5;
            $response["timeElapsed6"] = $timeElapsed6;
            $response["timeElapsed7"] = $timeElapsed7;
        }
    }

    mysqli_stmt_close($statement);

    $statement2 = mysqli_prepare($con, "SELECT * FROM location WHERE username = ?");
    mysqli_stmt_bind_param($statement2, "s", $username);
    mysqli_stmt_execute($statement2);
    mysqli_stmt_store_result($statement2);
    mysqli_stmt_bind_result($statement2, $colUsername, $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24, $25, $26, $27, $28, $29, $30, $31, $32, $33, $34, $35, $36, $37, $38, $39, $40, $41, $42, $43, $44, $45, $46, $47, $48, $49);

    while(mysqli_stmt_fetch($statement2)) {
        if($response["success"] == true) {
            $response["1"] = $1;
            $response["2"] = $2;
            $response["3"] = $3;
            $response["4"] = $4;
            $response["5"] = $5;
            $response["6"] = $6;
            $response["7"] = $7;
            $response["8"] = $8;
            $response["9"] = $9;
            $response["10"] = $10;
            $response["11"] = $11;
            $response["12"] = $12;
            $response["13"] = $13;
            $response["14"] = $14;
            $response["15"] = $15;
            $response["16"] = $16;
            $response["17"] = $17;
            $response["18"] = $18;
            $response["19"] = $19;
            $response["20"] = $20;
            $response["21"] = $21;
            $response["22"] = $22;
            $response["23"] = $23;
            $response["24"] = $24;
            $response["25"] = $25;
            $response["26"] = $26;
            $response["27"] = $27;
            $response["28"] = $28;
            $response["29"] = $29;
            $response["30"] = $30;
            $response["31"] = $31;
            $response["32"] = $32;
            $response["33"] = $33;
            $response["34"] = $34;
            $response["35"] = $35;
            $response["36"] = $36;
            $response["37"] = $37;
            $response["38"] = $38;
            $response["39"] = $39;
            $response["40"] = $40;
            $response["41"] = $41;
            $response["42"] = $42;
            $response["43"] = $43;
            $response["44"] = $44;
            $response["45"] = $45;
            $response["46"] = $46;
            $response["47"] = $47;
            $response["48"] = $48;
            $response["49"] = $49;
        }
    }

    echo json_encode($response);
?>

Please note that I know the error is happening in the $statement2 statement. I have tried several things, but cannot get the error fixed. $1 to $49 are linking to varchars in a database. Can anyone tell me what's going on? I have tried using a Volley Response.ErrorListener and it does not end up showing anything. Thanks in advance for any help!

Answer 1

The error is in the variable. You can't have a variable that starts with a number. Try adding a simple underscore or lowercase letter in front such as a1-a49.

Answer 2

PHP Docs state:

A valid variable name starts with a letter or underscore, followed by any number of letters, numbers, or underscores.

So $1, $2 etc. are not valid variable names in PHP.

---

To find about the actual error reason and location, you can also check the contents of the servers error log, if that is available (and PHP is configured appropriately; the configuration parameter error_log has to be set true).

---

An additional hint would be to use dynamic variable names when assigning the bound results, so you can assign them in a loop:

Instead of

$response["timeElapsed1"] = $timeElapsed1;
$response["timeElapsed2"] = $timeElapsed2;
// and so on

you could use

foreach (range(1, 7) as $num) {
   $var = 'timeElapsed'.$num;
   $response['timeElapsed'.$num] = $$var;
}

which is much more compact (but better comment it because it is not easy to spot).

Answer 3

You were binding to numeric variables which isn't proper. Changing those variable could affect your code for good... here's your code with the variables changed to use the english alphabets:

    <?php
        require("password.php");

        $con = mysqli_connect("mywebsite.com", "username", "password", "dbname");

        $username = $_POST["username"];
        $password = $_POST["password"];

        $statement = mysqli_prepare($con, "SELECT * FROM user WHERE username = ?");
        mysqli_stmt_bind_param($statement, "s", $username);
        mysqli_stmt_execute($statement);
        mysqli_stmt_store_result($statement);
        mysqli_stmt_bind_result($statement, $colUserID, $colName, $colUsername, $colTheme, $colEmail, $colDefaultRadius, $colPassword, $timeElapsed1, $timeElapsed2, $timeElapsed3, $timeElapsed4, $timeElapsed5, $timeElapsed6, $timeElapsed7);

        $response = array();
        $response["success"] = false;

        while(mysqli_stmt_fetch($statement)){
            if (password_verify($password, $colPassword)) {
                $response["success"] = true;
                $response["name"] = $colName;
                $response["user_id"] = $colUserID;
                $response["theme"] = $colTheme;
                $response["email"] = $colEmail;
                $response["radius"] = $colDefaultRadius;
                $response["timeElapsed1"] = $timeElapsed1;
                $response["timeElapsed2"] = $timeElapsed2;
                $response["timeElapsed3"] = $timeElapsed3;
                $response["timeElapsed4"] = $timeElapsed4;
                $response["timeElapsed5"] = $timeElapsed5;
                $response["timeElapsed6"] = $timeElapsed6;
                $response["timeElapsed7"] = $timeElapsed7;
            }
        }

        mysqli_stmt_close($statement);

        $statement2 = mysqli_prepare($con, "SELECT * FROM location WHERE username = ?");
        mysqli_stmt_bind_param($statement2, "s", $username);
        mysqli_stmt_execute($statement2);
        mysqli_stmt_store_result($statement2);
        mysqli_stmt_bind_result($statement2, $colUsername, $a, $b, $c, $d, $e, $f, $g, $h, $i, $j, $k, $l, $m, $n, $o, $p, $q, $r, $s, $t, $u, $v, $w, $x, $y, $z, $aa, $ab, $ac, $ad, $ae, $af, $ag, $ah, $ai, $aj, $ak, $al, $am, $an, $ao, $ap, $aq, $ar, $as, $at, $au, $av, $aw);

        while(mysqli_stmt_fetch($statement2)) {
            if($response["success"] == true) {
                $response["1"] = $a;
                $response["2"] = $b;
                $response["3"] = $c;
                $response["4"] = $d;
                $response["5"] = $e;
                $response["6"] = $f;
                $response["7"] = $f;
                $response["8"] = $h;
                $response["9"] = $i;
                $response["10"] = $j;
                $response["11"] = $k;
                $response["12"] = $l;
                $response["13"] = $m;
                $response["14"] = $n;
                $response["15"] = $o;
                $response["16"] = $p;
                $response["17"] = $q;
                $response["18"] = $r;
                $response["19"] = $s;
                $response["20"] = $t;
                $response["21"] = $u;
                $response["22"] = $v;
                $response["23"] = $w;
                $response["24"] = $x;
                $response["25"] = $y;
                $response["26"] = $z;
                $response["27"] = $aa;
                $response["28"] = $ab;
                $response["29"] = $ac;
                $response["30"] = $ad;
                $response["31"] = $ae;
                $response["32"] = $af;
                $response["33"] = $ag;
                $response["34"] = $ah;
                $response["35"] = $ai;
                $response["36"] = $aj;
                $response["37"] = $ak;
                $response["38"] = $al;
                $response["39"] = $am;
                $response["40"] = $an;
                $response["41"] = $ao;
                $response["42"] = $ap;
                $response["43"] = $aq;
                $response["44"] = $ar;
                $response["45"] = $as;
                $response["46"] = $at;
                $response["47"] = $au;
                $response["48"] = $av;
                $response["49"] = $aw;
            }
        }

        echo json_encode($response);
    ?>

Answer 4

It is now allowed to have a variable name starting with numbers. So maybe that's the error, since you have a bunch of those. I suggest renaming them to $val1 and so on.