PHP警告:mysqli_stmt :: bind_param():类型定义字符串中的元素数量不匹配数字

时间:2016-02-09 08:50:27

标签: php web-services

我熟悉这个错误,但看起来我是个盲人或者其他什么。以下是php代码:

DB_functions.php

    <?php

class DB_Functions {

    private $conn;

    // constructor
    function __construct() {
        require_once 'DB_Connect.php';
        // connecting to database
        $db = new Db_Connect();
        $this->conn = $db->connect();
    }

    // destructor
    function __destruct() {

    }

/*update user data*/




public function updateUser($name, $email, $oldpassword, $newpassword) 
{
        $uuid = uniqid('', true);
        $hash = $this->hashSSHA($newpassword);
        $encrypted_password = $hash["encrypted"]; // encrypted password
        $salt = $hash["salt"]; // salt

        $stmt = $this->conn->prepare("update users set name ='$name', email ='$email', encrypted_password = '$encrypted_password' , updated_at = NOW() where email ='$email' ");
        $stmt->bind_param("sssss",  $name, $email, $encrypted_password , $updated_at);
        $stmt->execute();
        $stmt ->bind_result($row_name, $row_email, $row_encryptedpassword, $row_updatedat);
        $user = array(
         'name', 
         'email',
         'encrypted_password',
         'updated_at',
       );
      return $user;
        $stmt->close();


    }




    /**
     * Storing new user
     * returns user details
     */
    public function storeUser($name, $email, $password) {
        $uuid = uniqid('', true);
        $hash = $this->hashSSHA($password);
        $encrypted_password = $hash["encrypted"]; // encrypted password
        $salt = $hash["salt"]; // salt

        $stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, email, encrypted_password, salt, totalpoints, digipoints,total_coupons, created_at, updated_at) VALUES(?, ?, ?, ?, ?,0,0, 0, NOW(), NOW())");
        $stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt , $totalpoints, $digipoints, $total_coupons, $created_at,$updated_at );
        $result = $stmt->execute();
        $stmt->close();

        // check for successful store
        if ($result) {
            $stmt = $this->conn->prepare("SELECT id, name, email, encrypted_password, salt, totalpoints, digipoints, total_coupons, created_at, unique_id, updated_at FROM users WHERE email = ?");
            $stmt->bind_param("s", $email);
            $stmt->execute();

$stmt->bind_result($row_user_id, $row_user_name, $row_user_email, $row_user_encryptedpass, $row_user_salt,$row_totalpoints, $row_digipoints,$row_totalcoupons, $row_user_createdat,$row_user_uniqueid, $row_user_updatedat);
$stmt->fetch();

$user = array(
     'id' => $row_user_id, 
     'name' => $row_user_name,
     'email' => $row_user_email,
'encrypted_password' => $row_user_encryptedpass,
'salt' => $row_user_salt,
'totalpoints' => $row_totalpoints,
'digipoints' => $row_digipoints,
'total_coupons' => $row_totalcoupons,
'created_at'=>$row_user_createdat,
'unique_id' => $row_user_uniqueid,
'updated_at' => $row_user_updatedat,
);

            $stmt->close();

            return $user;
        } else {
            return false;
        }
    }

    /**
     * Get user by email and password
     */
    public function getUserByEmailAndPassword($email, $password) {

        $stmt = $this->conn->prepare("SELECT unique_id, name, email, encrypted_password, salt, totalpoints, digipoints, created_at, unique_id, updated_at FROM users WHERE email = ?");

        $stmt->bind_param("s", $email);

        if ($stmt->execute()) {
          $stmt->bind_result($row_user_id, $row_user_name, $row_user_email, $row_user_encryptedpass, $row_user_salt, $row_totalpoints, $row_digipoints,$row_user_createdat,$row_user_uniqueid, $row_user_updatedat);
$stmt->fetch();

$user = array(
     'id' => $row_user_id, 
     'name' => $row_user_name,
     'email' => $row_user_email,
'encrypted_password' => $row_user_encryptedpass,
'salt' => $row_user_salt,
'totalpoints' => $row_totalpoints,
'digipoints' => $row_digipoints,
'created_at' => $row_user_createdat,
'unique_id' => $row_user_uniqeid,
'updated_at' => $row_user_updatedat,
);
            $stmt->close();
            return $user;
        } else {
            return NULL;
        }
    }

    /**
     * Check user is existed or not
     */
    public function isUserExisted($email) {
        $stmt = $this->conn->prepare("SELECT email from users WHERE email = ?");

        $stmt->bind_param("s", $email);

        $stmt->execute();

        $stmt->store_result();

        if ($stmt->num_rows > 0) {
            // user existed 
            $stmt->close();
            return true;
        } else {
            // user not existed
            $stmt->close();
            return false;
        }
    }

    /**
     * Encrypting password
     * @param password
     * returns salt and encrypted password
     */
    public function hashSSHA($password) {

        $salt = sha1(rand());
        $salt = substr($salt, 0, 10);
        $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
        $hash = array("salt" => $salt, "encrypted" => $encrypted);
        return $hash;
    }

    /**
     * Decrypting password
     * @param salt, password
     * returns hash string
     */
    public function checkhashSSHA($salt, $password) {

        $hash = base64_encode(sha1($password . $salt, true) . $salt);

        return $hash;
    }

}

?>

register.php

<?php
require_once 'include/DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password'])) { 
    // receiving the post params
    $name = $_POST['name'];
    $email = $_POST['email'];
    $password = $_POST['password'];

    // check if user is already existed with the same email
    if ($db->isUserExisted($email)) {
        // user already existed
        $response["error"] = TRUE;
        $response["error_msg"] = "User already existed with " . $email;
        echo json_encode($response);
    } else {
        // create a new user
        $user = $db->storeUser($name, $email, $password);
        if ($user) {
            // user stored successfully
            $response["error"] = FALSE;
            $response["uid"] = $user["unique_id"];
            $response["user"]["name"] = $user["name"];
            $response["user"]["email"] = $user["email"];
            $response["user"]["totalpoints"] = $user["totalpoints"];
            $response["user"]["digipoints"] = $user["digipoints"];
            $response["user"]["total_coupons"] = $user["total_coupons"];
            $response["user"]["created_at"] = $user["created_at"];
            $response["user"]["updated_at"] = $user["updated_at"];
            echo json_encode($response);
        } else {
            // user failed to store
            $response["error"] = TRUE;
            $response["error_msg"] = "Unknown error occurred in registration!";
            echo json_encode($response);
        }
    }
} else {
    $response["error"] = TRUE;
    $response["error_msg"] = "Required parameters (name, email or password) is missing!";
    echo json_encode($response);
}
?>

这是警告,即我的服务器error_log

[09-Feb-2016 08:36:43 UTC] PHP Warning:  mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables in /home/hevak/public_html/beeken/include/DB_Functions.php on line 62

请不要降级我知道这已被问了很多次但我真的很困惑。

2 个答案:

答案 0 :(得分:1)

您未在updateUser中正确使用准备好的陈述。

查询字符串中没有占位符:

 $stmt = $this->conn->prepare("update users set name ='$name', email ='$email', encrypted_password = '$encrypted_password' , updated_at = NOW() where email ='$email' ");

更改为:

 $stmt = $this->conn->prepare("update users set name =?, email =?, encrypted_password = ?, updated_at = NOW() where email =? ");
 $stmt->bind_param("ssssss",  $name, $email, $encrypted_password , $updated_at, $email);

答案 1 :(得分:0)

  

PHP警告:mysqli_stmt :: bind_param():类型定义字符串中的元素数与绑定变量数不匹配

请在storeUser()方法

中查看此语句
$stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt , $totalpoints, $digipoints, $total_coupons, $created_at,$updated_at );

应该是,

$stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt);