What is Call to a member function bind_param() on bool in /file.php:60 n the context of the following code, and how do I fix it?
The Code:
The Code:
Code:
<?php
// Start PHP Session, if not already started. Login verification script will be placed in this section later.
session_start();
// Connect to database. Change this to the proper SQL connection info.
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'user';
$DATABASE_PASS = 'password';
$DATABASE_NAME = 'library';
// Try and connect using the info above. Return error if unsucessful.
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if ( mysqli_connect_errno() ) {
// If there is an error with the connection, stop the script and display the error.
die('Failed to connect to MySQL: ' . mysqli_connect_error());
}
// Now we check if the data from the lookup form was submitted, isset() will check if the data exists.
if ( !isset($_POST['call']) ) {
// Could not get the data that should have been sent.
die('Please fill in a valid Call Number!');
}
//Start HTML5 code for the output
echo '<!DOCTYPE html>';
echo '<head>';
echo '<style>';
echo 'table {';
echo 'font-family: arial, sans-serif;';
echo 'border-collapse: collapse;';
echo 'width: 100%;';
echo '}';
echo 'td, th {';
echo 'border: 1px solid #dddddd;';
echo 'text-align: left;';
echo 'padding: 8px;';
echo '}';
echo 'tr:nth-child(even) {';
echo 'background-color: #dddddd;';
echo '}';
echo '</style>';
echo'</head>';
echo '<body>';
echo '<table><tr>';
echo '<th>Call No.</th>';
echo '<th>Subject</th>';
echo '<th>Title</th>';
echo '<th>Author</th>';
echo '<th>Description</th>';
echo '<th>Publisher</th>';
echo '<th>Year Pub.</th>';
echo '<th>Year Rev.</th>';
echo '<th>Cheked Out</th>';
echo '</tr>';
// Prepare our SQL, preparing the SQL statement will prevent SQL injection. call is a Call No.
// e.g. in the format 320.01SIM ,etc.
$stmt = $con->prepare('SELECT * FROM catalog WHERE call = ?');
// Bind parameters (s = string, i = int, b = blob, etc), in our case the call number is a varchar string so we use "s"
$stmt->bind_param('s', $_POST['call']);
//Execute the prepared statement
$stmt->execute();
$result = $stmt->get_result();
// Loop through the rows of the table that match the result and output to html table.
while($row = $result->fetch_assoc()) {
echo "<tr><td>" . $row['call'] . "</td><td>" . $row['subject'] . "</td><td>" . $row['title'] . "</td><td>" . $row['author'] . "</td><td>" . $row['description'] . "</td><td>" . $row['publisher'] . "</td><td>" . $row['pubyear'] . "</td><td>" . $row['revision'] . "</td><td>" . $row['out'] . "</td></tr>";
}
//Close the SQL connection.
$stmt->close();
//Finish up HTML5 code and exit this script.
echo '</table></body></html>';
exit;
?>
Comment