This question applies specifically to issues in the Openwall tutorial on PHP password hashing. Please read the edit below.
This question has been asked hundreds of times, but none of the answers found my issue.
$app->post("/movies", function() use ($app, $log){
$db = new mysqli(db_address,db_user,db_pass,db_database,db_port);
if ($db->connect_errno) {
$log->emergency("EM[MYSQL] Can't connect to MySQL: " . $db->error);
}
($stmt = $db->prepare("INSERT INTO movies (MovieName, MovieCover, MovieDescription, MovieDirector, MovieDate) VALUES (':title', ':cover', ':description', ':director', ':release_date')") || $log->error('ER[MYSQL] Could not prepare statement: ' . $db->error));
echo $db->error;
var_dump($stmt);
$title = grabPostVar('title');
$cover = grabPostVar('cover');
$desc = grabPostVar('desc');
$director = grabPostVar('director');
$release_date = grabPostVar('release_date');
if(!($stmt->execute(array(':title' => $title, ':cover' => $cover, ':description' => $desc, ':director' => $director, ':release_date' => $release_date))))
{
$log->emergency('EM[MYSQL] Misc issue: ' . $db->errno);
} else{
$log->info('I[MOVIE] Movie "' . $title . '" created, by user (u)$current_user(/u).');
}
$stmt->close();
$db->close();
}
On the front of this, it looks exactly the same as the other questions, but var_dump($stmt) retuns true, and according to the documentation
mysqli_prepare() returns a statement object or FALSE if an error occurred.
I used the following lines to check for this:
echo $db->error;
var_dump($stmt);
No error is printed, and var_dump yields bool(true). Any ideas? A statement very like this was working 100% very recently, but with no MySQL error return I'm completely stumped.
Edit:
Yes it was all to do with that stupid OR comparison, thank you for your answers.
if(!($stmt = $db->prepare('INSERT INTO movies (MovieName, MovieCover, MovieDescription, MovieDirector) values (?, ?, ?, ?)'))){
$log->error('ER[MYSQL] Could not prepare statment: ' . $db->error);
}
On a sidenote, I suggest that anyone following the Openwall tutorial on password hashing should change to if statements as well.