Error trying to insert with PHP

Question

Error trying to insert with PHP

Navigation

#1 by (4 votes)

1

I'm trying to run this function in php:

$insert = $con ->prepare("INSERT INTO conta (conta, senha, email, acesso) VALUES(?, ?, ?, ?)");
        $insert ->bind_param("sssi", $usuario->getConta(), md5($usuario->getSenha()), $usuario->getEmail, 1);

        $insert ->execute();

But when I use the following function:

$insert = $con ->prepare("INSERT INTO conta (conta, senha, email) VALUES(?, ?, ?)");
        $insert ->bind_param("sss", $usuario->getConta(), md5($usuario->getSenha()), $usuario->getEmail);

        $insert ->execute();

It works but when I try to enter that integer at the end it does not run and it shows the following error message: Fatal error: Can not pass parameter 5 by reference in C: \ xampp \ htdocs \ payment \ lib \ php \ user.php on line 11

I do not know what else to do.

In my database all are varchar minus the last one which is an int (11)

php

asked by anonymous 22.02.2017 / 04:20

1 answer

Modal Window overlap Frames Can not import urlencode name in program execution

score 4 · Accepted Answer

You are apparently using PDO , not different things and that can confuse those who come to answer, since they have great differences . If you mean you are using object-oriented programming it would be POO or OO , but not PDO .

Now let's get down to the problem:

The mysqli_stmt_bind_param (or $ mysqli_stmt-> bind_param ) accepts variables by reference but does not accept string directly in it.

$insert = $con->prepare("INSERT INTO conta (conta, senha, email, acesso) VALUES(?, ?, ?, ?)");

// Pode definir antes do bind_param:
//$numero = 1;

$insert ->bind_param("sssi",
    $conta,
    $senha,
    $email,
    $numero
);

// Pode definir depois do bind_param, mas antes do execute:
$numero = 1;

$senha = md5( $usuario->getSenha() );
$email = $usuario->getEmail();
$conta = $usuario->getConta();

$insert ->execute();

Now the 1 is being passed by $numero , the value of $numero can be set before execute(); , but not necessarily before bind_param .

The first argument of bind_param , " sssi ", is determined as follows:

+-------+-------------------------------+----------------------------------------+
| Letra |          Descricao            |                Exemplo                 |
+-------+-------------------------------+----------------------------------------+
| i     | Define variável como Inteiro  | INT, TIMESTAMP, BIT...                 |
| s     | Define variável como String   | CHAR, VARCHAR, TEXT, DATETIME, JSON... |
| d     | Define variável como Double   | DOUBLE, FLOAT, DECIMAL...              |
| b     | Define variável como Blob     | BLOB, BINARY...                        |
+-------+-------------------------------+----------------------------------------+

The definition must be exactly in the order that is in query with the parameters, if you set si it should inform a variable being $string, $int .

I do not recommend using MD5 or SHA1 for passwords. Use instead the BCrypt that is already including in PHP in the functions of password_hash() " If you really want different password protection systems there is Libsodium (which supports SCrypt and also Argon2 ) , Libsodium is now available , using \Sodium\crypto_pwhash_str() , this will be included" already factory "in PHP 7.2 .