0

Get this error. Not really sure why. Code is below - using prepared statements for SQL in PHP.

Fatal error: Uncaught Error: mysqli_stmt object is not fully initialized in C:\xampp\htdocs\includes\register.inc.php:35

<?php
if (isset($_POST["reg_submit"])) {

    $fName = $_POST["fName"];
    $lName = $_POST["lName"];
    $authority = $_POST["authority"];
    $email = $_POST["email"];
    $phone = $_POST["phone"];
    $pwd = $_POST["pwd"];
    $pwdConfirm = $_POST["pwdConfirm"];
    $invite_code = $_POST["invite_code"];
    
    require_once "dbh.inc.php";

    if (empty($email) || empty($phone) || empty($pwd) || empty($pwdConfirm) || empty($invite_code)) {
        header("Location: ../register.php?invite=".$invite_code."&error=emptyfields");
        exit();
    }
    if ($pwd !== $pwdConfirm) {
        header("Location: ../register.php?invite=".$invite_code."&error=pwdnomatch");
        exit();
    }
    if (!preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $pwd)) {
        header("Location: ../register.php?invite=".$invite_code."&error=pwdcomplexity");
        exit();
    }
    if (strlen($pwd) < 12) {
        header("Location: ../register.php?invite=".$invite_code."&error=pwdcomplexity");
        exit();
    }

    $sql = "SELECT * FROM administrators WHERE admin_email = ?;";
    $stmt = mysqli_stmt_init($conn);
    mysqli_stmt_prepare($stmt, $sql);
    mysqli_stmt_bind_param($stmt, "s", $email);
    mysqli_stmt_execute($stmt);
    $resultData = mysqli_stmt_get_result($stmt);
    $num = mysqli_num_rows($resultData);
    if ($num !== 0) {
        header("Location: ../register.php?invite=".$invite_code."&error=emailinuse");
        exit();
    }

dbh.inc.php

<?php  
$serverName = "localhost"; 
$serverUsername = "root"; 
$serverPwd = ""; 
$serverDb = "scholar23";  
$conn = mysqli_connect($serverName, $serverUsername, $serverPwd, $serverDb);  if (!$conn) {   
    echo "Error connecting to the server.";   
    exit(); 
}

Tried nothing as can't think of what the problem is. Any help appreciated.

RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
Benjamin Young
  • 1
  • 2
  • 1
    Why not use the MYSQLI_ OO syntax. Its shorter, sweeter, easier to read and maintain, and before you say anything, You Dont Need to Know any OO – RiggsFolly Feb 07 '23 at 11:22
  • It would help to see the previous 35 lines of code so we can see what may or may not have been done to cause this – RiggsFolly Feb 07 '23 at 11:24
  • I assume you are using PHP 8.0 or older. In that case, you need to remember to enable mysqli error reporting as it's not enabled by default – Dharman Feb 07 '23 at 11:30
  • Please [edit] your post to include any additional information you have to your question. Avoid adding this in the comments, as they are harder to read and can be deleted easier. The edit button for your post is just below the post's tags. – Dharman Feb 07 '23 at 11:32
  • I don't think there is any problem with your code. try running only mysqli statement without any other validation code and see if its working – Muhammad Ahmer Feb 07 '23 at 11:33
  • It looks like you are using some really bad tutorial. I highly encourage you to find something better. If you are only starting to learn PHP then you should learn PDO instead of mysqli. PDO is much easier and more suitable for beginners. Start here https://phpdelusions.net/pdo & https://websitebeaver.com/php-pdo-prepared-statements-to-prevent-sql-injection. Here are some good video tutorials https://youtu.be/2eebptXfEvw & https://www.youtube.com/watch?v=sVbEyFZKgqk&list=PLr3d3QYzkw2xabQRUpcZ_IBk9W50M9pe- – Dharman Feb 07 '23 at 11:33
  • 2
    I have never found a reason to use `mysqli_stmt_init($conn);` This is so much easier `$stmt = $conn->prepare($sql); $stmt->bind_param($stmt, "s", $email); $stmt->execute();` – RiggsFolly Feb 07 '23 at 11:39
  • I am using my own knowledge @Dharman haven't followed a tutorial. – Benjamin Young Feb 07 '23 at 12:03

0 Answers0