Error: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in ......

[sunny_pro]

Fellow Php Programmers,

This is a script that takes over when a user clicks a link emailed to him. The link that verifies the user's email and opens his membership account by switching from "pending status = 0" to "pending status = 1" in mysql db.

I am shown this by my script. And, I want to know why I get these errors:

string(23) "[email protected]" string(40) "472b07b9fcf2c2451e8781e944bf5f77cd8457c8" object(mysqli_stmt)#2 (10) { ["affected_rows"]=> int(0) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(2) ["field_count"]=> int(2) ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["sqlstate"]=> string(5) "00000" ["id"]=> int(1) } NULL
Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given in /home/EDITED (User)/public_html/e-id/activate_account.php on line 27
bool(false) int(1) string(8) "EDITED (User)"
Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in /home/EDITED (User)/public_html/e-id/activate_account.php on line 29

Note the bool(false) in the first warning. Regarding line 27.
Line 27:

$stmt_two (line 26) looks like this:
mysqli_stmt_bind_param($stmt_two, 'is', $userActivationState, $username);

<?php
02
include 'config.php';
03
if (!isset($_GET["email"], $_GET["account_activation_code"]) === true){
04
    $_SESSION['error'] = "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>";
05
    exit();
06
}
07
else
08
{  
09
    $email = htmlspecialchars($_GET['email']); 
10
    $account_activation_code = htmlspecialchars($_GET['account_activation_code']); 
11
    $stmt_one = mysqli_prepare($conn, "SELECT usernames, accounts_activations FROM users WHERE emails = ? AND accounts_activations_codes = ?");
12
    mysqli_stmt_bind_param($stmt_one, 'si', $email,  $account_activation_code);
13
    mysqli_stmt_bind_result($stmt_one, $username, $userActivationState);   
14
    var_dump($email, $account_activation_code, $stmt_one, $userActivationState);   
15
    if (mysqli_stmt_execute($stmt_one) && mysqli_stmt_fetch($stmt_one))
16
    {      
17
        if ($userActivationState != 0)
18
        {          
19
            echo "Since your account is already activated, why are you trying to activate it again ? Do not do that again and just login from <a href=\"login.php\">this webpage</a> next time! Make a note of that webpage, ok ?";
20
            exit;
21
        }
22
        $userActivationState = 1;      
23
        $stmt_two = mysqli_prepare($conn, "UPDATE users SET accounts_activations = ? WHERE usernames = ?");
24
        mysqli_stmt_bind_param($stmt_two, 'is', $userActivationState, $username);      
25
        var_dump($stmt_two, $userActivationState, $username);      
26
        if (mysqli_stmt_execute($stmt_two))
27
        {
28
            echo "<h3 style='text-align:center'>Thank you for your confirming your email and activating your account.<br /> Redirecting you to the login page ...</h3>";
29
            $_SESSION["user"] = $username;
30
            header("location:home.php");
31
            exit;
32
        }
33
    }
34
    else
35
    {
36
        echo "FAILURE to UPDATE db";
37
        exit;
38
    }
39
}

 

[Rob Whisonant]

It's failing at the mysqli_prepare.

Add this line after the mysqli_prepare line and see what error message it shows.

echo mysqli_error($conn);

 

[sunny_pro]

Thanks Mod.
Ok, I added the line as you suggested in 2 places.
I get this shown:

string(23) "[email protected]" string(40) "c1dfd96eea8cc2b62785275bca38ac261256e278" object(mysqli_stmt)#2 (10) { ["affected_rows"]=> int(0) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(2) ["field_count"]=> int(2) ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["sqlstate"]=> string(5) "00000" ["id"]=> int(1) } NULL FAILURE to UPDATE db

Here's the script:


activate_account.php

<?php

include 'config.php';

if (!isset($_GET["email"], $_GET["account_activation_code"]) === true){
    $_SESSION['error'] = "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>";
    exit();
} 
else 
{	
	$email = htmlspecialchars($_GET['email']);	
	$account_activation_code = htmlspecialchars($_GET['account_activation_code']);	
	$stmt_one = mysqli_prepare($conn, "SELECT usernames, accounts_activations FROM users WHERE emails = ? AND accounts_activations_codes = ?");	
	echo mysqli_error($conn);
	mysqli_stmt_bind_param($stmt_one, 'si', $email,  $account_activation_code);	
	mysqli_stmt_bind_result($stmt_one, $username, $userActivationState);	
	var_dump($email, $account_activation_code, $stmt_one, $userActivationState);	
	if (mysqli_stmt_execute($stmt_one) && mysqli_stmt_fetch($stmt_one))
	{		
		if ($userActivationState != 0)
		{			
			echo "Since your account is already activated, why are you trying to activate it again ? Do not do that again and just login from <a href=\"login.php\">this webpage</a> next time! Make a note of that webpage, ok ?";
			exit;
		}
		
		$userActivationState = 1;		
		$stmt_two = mysqli_prepare($conn, "UPDATE users SET accounts_activations = ? WHERE usernames = ?");
		echo mysqli_error($conn);
		mysqli_stmt_bind_param($stmt_two, 'is', $userActivationState, $username);		
		var_dump($stmt_two, $userActivationState, $username);		
		if (mysqli_stmt_execute($stmt_two))
		{
			echo "<h3 style='text-align:center'>Thank you for your confirming your email and activating your account.<br /> Redirecting you to the login page ...</h3>";
			$_SESSION["user"] = $username;
			header("location:home.php");
			exit;
		}
	} 
	else 
	{
		echo "FAILURE to UPDATE db";
		exit;
	}
}

config.php

<?php

/*
ERROR HANDLING
*/
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// session start
if(!session_start()) {
	session_start();
}

// include files
include 'conn.php';
include 'site_details.php';

// include functions
include 'functions.php';

?>

conn.php

<?php

$conn = mysqli_connect("localhost", "EDITED", "EDITED", "EDITED");

if (!$conn) {
	// message to use in development to see errors
	die("Database error : " . mysqli_error($conn));

	// user friendly message
	// die("Database error.");
	exit();
}

?>

 

[Rob Whisonant]

This line is valuating as FALSE. So we know the problem is above this line or with this line.

if (mysqli_stmt_execute($stmt_one) && mysqli_stmt_fetch($stmt_one)) {

I would break these two apart and add in some error checking to see what one is failing and possibly why.

Also, you are running php 5 or 7 correct? And is mysqli extension setup on your PHP install?

 

[sunny_pro]

Error 500

Yes, someone else suggested exactly the same as you but the result gave http error 500.
Here was my update ...

activate_account.php

<?php

include 'config.php';

if (!isset($_GET["email"], $_GET["account_activation_code"]) === true){
    $_SESSION['error'] = "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>";
    exit();
} 
else 
{	
	$email = htmlspecialchars($_GET['email']);	
	$account_activation_code = htmlspecialchars($_GET['account_activation_code']);	
	if ($stmt_one = mysqli_prepare($conn, "SELECT usernames, accounts_activations FROM users WHERE emails = ? AND accounts_activations_codes = ?");	
		echo mysqli_error($conn);
		mysqli_stmt_bind_param($stmt_one, 'si', $email,  $account_activation_code);	
		mysqli_stmt_bind_result($stmt_one, $username, $userActivationState);	
		var_dump($email, $account_activation_code, $stmt_one, $userActivationState);
	}
	else
	{
		echo "Mysqli prepare Failed!";
		exit;
	}	
	
	if (mysqli_stmt_execute($stmt_one)) 
	{
		echo success: mysqli_stmt_execute($stmt_one);
	}
	else
	{
		echo failure: mysqli_stmt_execute($stmt_one);
	}
    
    if( mysqli_stmt_fetch($stmt_one)) 
	{
		echo success: mysqli_stmt_fetch($stmt_one);
	}
	else
	{
		echo failure: mysqli_stmt_fetch($stmt_one);	
	}
		if ($userActivationState != 0)
		{	
			echo "Since your account is already activated, why are you trying to activate it again ? Do not do that again and just login from <a href=\"login.php\">this webpage</a> next time! Make a note of that webpage, ok ?";
			exit;
		}
		
		$userActivationState = 1;
		
		$stmt_two = mysqli_prepare($conn, "UPDATE users SET accounts_activations = ? WHERE usernames = ?");
		echo mysqli_error($conn);
		mysqli_stmt_bind_param($stmt_two, 'is', $userActivationState, $username);		
		var_dump($stmt_two, $userActivationState, $username);		
		if (mysqli_stmt_execute($stmt_two))
		{
			echo "<h3 style='text-align:center'>Thank you for your confirming your email and activating your account.<br /> Redirecting you to the login page ...</h3>";
			$_SESSION["user"] = $username;
			header("location:home.php");
			exit;
		}
	} 
	else 
	{
		echo "FAILURE to UPDATE db";
		exit;
	}
}

Mysqli works on my webhost. Been using it all this time. Use php 7.

 

[Rob Whisonant]

Your echo commands are formatted wrong.

echo success: mysqli_stmt_execute($stmt_one);

Should be

echo 'success: mysqli_stmt_execute($stmt_one)';

Add begin and end ' single quotes to each one.

 

[sunny_pro]

I don't know why my following version is still showing http Error 500.

<?php

include 'config.php';

if (!isset($_GET["email"], $_GET["account_activation_code"]) === true){
    $_SESSION['error'] = "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>";
    exit();
} 
else 
{	
	$email = htmlspecialchars($_GET['email']);	
	$account_activation_code = htmlspecialchars($_GET['account_activation_code']);	
	if ($stmt_one = mysqli_prepare($conn, "SELECT usernames, accounts_activations FROM users WHERE emails = ? AND accounts_activations_codes = ?");	
		echo mysqli_error($conn);
		echo 'Success: Mysqli Prepare passed!';
		mysqli_stmt_bind_param($stmt_one, 'si', $email,  $account_activation_code);	
		mysqli_stmt_bind_result($stmt_one, $username, $userActivationState);	
		var_dump($email, $account_activation_code, $stmt_one, $userActivationState);
	}
	else
	{
		echo "Failure: Mysqli Prepare Failed!";
		exit;
	}	
	if (mysqli_stmt_execute($stmt_one)) 
	{
		echo 'Success: Mysqli_stmt_execute($stmt_one)';
	}
	else
	{
		echo 'Failure: Mysqli_stmt_execute($stmt_one)';
		exit;
	}    
    if( mysqli_stmt_fetch($stmt_one)) 
	{
		echo 'Success: Mysqli_stmt_fetch($stmt_one)';
	}
	else
	{
		echo 'Failure: Mysqli_stmt_fetch($stmt_one)';
		exit;
	}
	if ($userActivationState != 0)
	{	
		echo "Since your account is already activated, why are you trying to activate it again ? Do not do that again and just login from <a href=\"login.php\">this webpage</a> next time! Make a note of that webpage, ok ?";
		exit;
	}
	else
	{
		$userActivationState = 1;
		var_dump($stmt_one);
		
		$stmt_two = mysqli_prepare($conn, "UPDATE users SET accounts_activations = ? WHERE usernames = ?");
		echo mysqli_error($conn);
		mysqli_stmt_bind_param($stmt_two, 'is', $userActivationState, $username);		
		var_dump($stmt_two, $userActivationState, $username);		
		if (mysqli_stmt_execute($stmt_two))
		{
			echo "<h3 style='text-align:center'>Thank you for your confirming your email and activating your account.<br /> Redirecting you to the login page ...</h3>";
			$_SESSION["user"] = $username;
			header("location:home.php");
			exit;
		}
		else
		{
			echo 'Failure: Mysqli_stmt_fetch($stmt_one)';
			exit;
		}
	} 
	else 
	{
		echo "FAILURE to UPDATE db";
		exit;
	}
}

?>

 

[Rob Whisonant]

Look in the folder the script is executing from and see if you have an error log file. That may give more details on why it is giving an error. If you don't see one, check in cpanel for an error log viewer or tale log viewer.