mb2000inc's Profile User Rating: -----

Reputation: 21 Tradesman
Group:
Contributors
Active Posts:
353 (0.2 per day)
Joined:
10-November 09
Profile Views:
25,032
Last Active:
User is offline Sep 02 2014 06:44 AM
Currently:
Offline

Previous Fields

Country:
US
OS Preference:
Who Cares
Favorite Browser:
Chrome
Favorite Processor:
Who Cares
Favorite Gaming Platform:
XBox
Your Car:
Ford
Dream Kudos:
125

Latest Visitors

Icon   mb2000inc is working hard at avoiding actual work.

Posts I've Made

  1. In Topic: Prepared Statements and Results In Arrays...?

    Posted 2 Sep 2014

    Oh, wow! That's cool. Let me try to see what I can do with this.
    Thank you!!
  2. In Topic: Prepared Statements and Results In Arrays...?

    Posted 29 Aug 2014

    View PostCTphpnwb, on 29 August 2014 - 05:02 PM, said:

    Here you're saying that the results will be an array with numeric keys: $result->fetch_array(MYSQLI_NUM) and here you're trying to use associative keys: $user = $r['UserName']; not to mention that copying from one variable to another is a waste of processor cycles.

    Also, why call session_register() potentially many, many times?


    AH: $result->fetch_array(MYSQLI_NUM)
    I can see where that would be an issue... what would I use instead, just out of curiosity...?

    As for the "session_register()" - I found that code online, somewhere - I haven't looked into whether or not it would work. This is my first attempt at creating ANYTHING this big - so, again, I'm still learning.

    Heh, I guess I really wouldn't need all of them, would I (kinda makes sense)? :wink:
  3. In Topic: Prepared Statements and Results In Arrays...?

    Posted 29 Aug 2014

    View PostArtificialSoldier, on 29 August 2014 - 04:29 PM, said:

    Sorry, it looks like you have to use get_result first to get the result object, and then the result object has a fetch_assoc method. Check the examples here:

    http://www.php.net/m....get-result.php



    Ok, so I tried that - this is my code thus far:
    public function AuthenticateUser($userName, $password)
    	{
    		//username and password sent from form 
    		$myusername = $userName; 
    		$mypassword = $password; 
    		
    		// To protect MySQL injection (more detail about MySQL injection)
                    // was told I didn't need this portion with prepared statements (earlier post)
    		//$myusername = stripslashes($myusername);
    		//$mypassword = stripslashes($mypassword);
    		//$myusername = mysqli_real_escape_string($this->mysqli, $myusername);
    		//$mypassword = mysqli_real_escape_string($this->mysqli, $mypassword);
    		
    		$salt = $this->SelectSalt();//this hashes my password for security
    		$prePass = hash('sha256', $salt.$mypassword);
    		
    		//prepared statement to select user info from user table
    		if(!($stmt = $this->mysqli->prepare("SELECT * FROM UserTable WHERE UserName=?"))){
    			echo "Prepare failed: (" . $this->mysqli->errno . ") " . $this->mysqli->error;
    		}
    		if (!$stmt->bind_param("s", $UserName)){
    			return "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
    		}
    	
    		if (!$stmt->execute()){
    			return "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
    		}
    		else{
    			
    			$result = $stmt->get_result();//this is from the example
    			while ($row = $result->fetch_array(MYSQLI_NUM)){
    				foreach ($row as $r)
    				{
    					$user = $r['UserName'];
    					$pass = $r['Password'];
    					$role = $r['Role'];
    					$uid = $r['UserID'];
    					if($prePass = $pass)
    					{
    						//register user sessions
    						session_register("myusername");
    						session_register("mypassword"); 
    						session_register("userrole");
    						//create sessions
    						$_SESSION['User'] = $user;
    						$_SESSION['UserRole'] = $role;
    						
    						switch($role)
    						{
    							case "admin":
    								$cookieExpiry = time()+(86400*90);//90 days
    								setcookie('rolled', $role, $cookieExpiry);
    							break;
    							case "subscriber":
    								$cookieExpiry = time()+(86400*90);//90 days
    								setcookie('rolled', $role, $cookieExpiry);
    							break;
    							case "moderator":
    								$cookieExpiry = time()+(86400*90);//90 days
    								setcookie('rolled', $role, $cookieExpiry);
    							break;
    						}
    						return true;
    					}
    					else
    					{
    						return false;
    					}
    				}
    			}
    		}
    		$stmt->close();
    	}
    
    


    Now, I get this ERROR:

    Quote

    Fatal error: Call to undefined method mysqli_stmt::get_result() in /home/mysite/public_html/dev/classes/queries.php on line 156


    I feel like I'm really close - it's just that ONE little thing that's missing... and I don't know what it is.
    I apologize for keeping you busy with this, lol. but I really want to learn.
  4. In Topic: Prepared Statements and Results In Arrays...?

    Posted 29 Aug 2014

    But that gives me the error again:

    Quote

    Fatal error: Call to undefined method mysqli_stmt::fetch_assoc()
  5. In Topic: Prepared Statements and Results In Arrays...?

    Posted 29 Aug 2014

    View PostArtificialSoldier, on 29 August 2014 - 01:59 PM, said:

    Quote

    The only way I thought I knew how to do that was using the values, like shown previously...

    That way will work fine, you can get the associative array from the result and assign the values to individual variables, or use the values directly in the array. That is what the call to fetch_assoc shown in post 5 does. The error message you showed is not related to using fetch_assoc. If you just use fetch_assoc then you'll get the associative array and you can go from there, you don't need that other function. Your code in post 1 is almost fine, just remove the unnecessary call to stmt_bind_assoc and replace the while loop like you said you did in post 6.


    Sssssooooooooo.... you're saying this should work?
    $row = array();
    while ($stmt->fetch()) {
       $user = $row['UserName'];
       $pass = $row['Password'];
       $role = $row['Role'];
       $uid = $row['UserID'];
       //do more stuff...
    }
    
    

My Information

Member Title:
D.I.C Regular
Age:
40 years old
Birthday:
November 17, 1973
Gender:
Location:
Left of Center
Interests:
I love programming and developing on top of writing, video work - and now POD CASTING!
(You can also find me here: http://roosterteeth.com/mb2000inc and here http://www.youtube.com/user/mb2000inc and http://thequarerootofnegativeone.com)
Full Name:
Mark Bogner
Years Programming:
10
Programming Languages:
C#, VB.NET, SQL, HTML/CSS - and now, PHP!

Contact Information

E-mail:
Click here to e-mail me
LinkedIn:
http://www.linkedin.com/pub/mark-bogner/b/745/899
Facebook:
http://www.facebook.com/MarkPBogner
Twitter:
mb2000inc

Comments

Page 1 of 1
  1. Photo

    duffgirl Icon

    10 Jul 2013 - 15:37
    Ohio is wonderful! That must be why folks like us live here.
  2. Photo

    Yo! Icon

    26 Sep 2011 - 15:26
    I live by your status
  3. Photo

    hulla Icon

    14 Sep 2011 - 02:07
    :D
  4. Photo

    hulla Icon

    13 Sep 2011 - 08:30
    Nice status
Page 1 of 1