CODEWITHSUNDEEP
phpmysqlprepared-statement
TheNicoPanda
TheNicoPanda

Reputation: 15

Prepared statement return errors number 0

Problem: I'm setting up my login system which should allow the user to use either username or password to login. However my prepare statement returns Prepare failed: (0) into the console (0 is the mysql error number).

What I've tried: I have tried looking in the MySQL manual to see what Error Number 0 is but couldn't find anything.

<?php
include "../includes/config.php";
if($_SERVER["REQUEST_METHOD"] == "POST") {
        // Can be either the email or username 
    $login = $_POST['login'];
    $password = $_POST['password'];

    if ( $login != "" && $password != "" ) {
        // Prepare the statement
        $pullLogin = $link->prepare("SELECT hashed_password FROM users WHERE (username = '?' OR email='?')");
        // Check Prepare
        if ( !$pullLogin->prepare() ) { echo "<script>console.log('Prepare failed: ($pullLogin->errno) $pullLogin->error');</script>"; }
        // Bind the parameters to the statement
        $pullLogin->bind_param( "ss", $login, $login );
        // Execute it :-)
        $pullLogin->execute();
        // Store the results, I don't really knwo why but whatever
        $pullLogin->store_result();
        // Bind the password to a variable :-)
        $pullLogin->bind_result($correctPassword);
        // Free the results
        $pullLogin->free_results();
        // Close the statement
        $pullLogin->close();



        // This is hashed and I'm only echoing it to see if ^ works
        echo $correctPassword;


    }
}
?>

Expected: the user can use either their username or email to login.
Actual Results: the prepare statement does not seem to work :/

Upvotes: 0

Views: 58

Answers (1)

Jan
Jan

Reputation: 2853

You are double calling prepare().

You are executing an empty statement in the if-condition when calling prepare() with no argument... so there is nothing to do and also no error (error number 0) but the result from that call is false. just check the result of the first prepare-call.

Change the second prepare-call:

if ( $login != "" && $password != "" ) {
  // Prepare the statement
  $pullLogin = $link->prepare("SELECT hashed_password FROM users WHERE (username = '?' OR email='?')");
  // Check Prepare
  if ( !$pullLogin->prepare() ) { echo "<script>console.log('Prepare failed: ($pullLogin->errno) $pullLogin->error');</script>"; }

Tho the following, so you are only testing the result of the first prepare():

if ( $login != "" && $password != "" ) {
  // Prepare the statement
  $pullLogin = $link->prepare("SELECT hashed_password FROM users WHERE (username = '?' OR email='?')");
  // Check Prepare
  if ( !$pullLogin ) { echo "<script>console.log('Prepare failed: ($link->errno) $link->error');</script>"; }

Upvotes: 1

Related Questions