Page 1 of 1

Interesting behavior from mysqli_prepare

Posted: Mon Nov 23, 2009 6:21 pm
by Jafil21
Hello,

I have the following function in my code:

Code: Select all

 
 function store_reservation($link, $fname, $lname, $email, $phone, 
          $date, $time, $persons, $confirmed, $code = 0)
     {
          /* Prepare, parse and parameterize the INSERT query */
        if(!$code){//We don't need to insert the MD5 hash
          $query = "INSERT INTO reservations(first_name, last_name, email, phone, 
                     reservation_date, reservation_time, persons, confirmed, timestamp) 
                  VALUES(?,?,?,?,?,?,?,?, NOW())";
          if(!($stmt = mysqli_prepare($link, $query)))
             die_with_error($GLOBAL_ERRSTR);
         if(!mysqli_stmt_bind_param($stmt, 'ssssssii',
                  $fname, $lname, $email, $phone, $date, $time, $persons, $confirmed))
             die_with_error($GLOBAL_ERRSTR);
        }
        else {//We need to insert the MD5 hash
          $query = "INSERT INTO reservations(first_name, last_name, email, phone, 
                     reservation_date, reservation_time, persons, confirmed, key, timestamp) 
                     VALUES(?,?,?,?,?,?,?,?,?, NOW())";
          [b]die_with_error('HI');[/b]
          [b]if(!($stmt = mysqli_prepare($link, $query))){//erroneous[/b]
             [b]echo '<p>LOL</p>';[/b]
             [b]die_with_error($GLOBAL_ERRSTR);[/b]
          [b]}[/b]
          [b]die_with_error('HO');[/b]
          if(!mysqli_stmt_bind_param($stmt, 'ssssssiib',
                  $fname, $lname, $email, $phone, $date, $time, $persons, $confirmed, $code))
             die_with_error($GLOBAL_ERRSTR);
        }
        /* execute and validate the statement */
        if(!mysqli_stmt_execute($stmt))
          die_with_error($GLOBAL_ERRSTR);
        if(mysqli_stmt_affected_rows($stmt) < 1)
            die_with_error($GLOBAL_ERRSTR);
         mysqli_stmt_close($stmt);
     }
 
The "die with error" function does little more than what its name implies:

Code: Select all

 
function die_with_error($error){
     echo '<p class = "error">' . $error . '</p>';
     include('includes/footer.html');
         exit();
 }
 
And the $GLOBAL_ERRSTR variable is just a generic string variable holding some text which tends to be repeated over error messages.

My problem is located in the highlighted bold code: Neither 'LOL' or 'HO' are printed, let alone the contents of $GLOBAL_ERRSTR. It's like my code stops execution at the mysqli_prepare() that is executed. I have checked the $link variable for validity, and it holds an active database connection passed by the calling script. I've also changed the

Code: Select all

if(!($stmt = mysqli_prepare($link, $query)))
to

Code: Select all

 if(($stmt = mysqli_prepare($link, $query)) ===FALSE)
Yet I still get this strange behavior. Here's the call to the function (I've doublechecked that this is the actual one):

Code: Select all

store_reservation($dbc, $fname, $lname, $email, $phone, $date, $time, $persons, 0, $code);
Is there anything strikingly wrong with the query I'm preparing? The "timestamp" field is, unsurprisingly, of type TIMESTAMP, whereas the 'key' field is a varbinary field. All the others are VARCHARs and INTs. I think it might be something very obvious, but, being exhausted after writing about 1000 lines of PHP code today, I have yet to find out what might be wrong.
I've written parameterized SQL before, and am studying an example of mine which looks extremely similar to this one and, guess what, it works!

Thanks for any pointers.