Fatal error: Uncaught Error: Cannot pass parameter 5 by reference

qwerty · December 10, 2021, 8:19am

<?php
//$db = mysqli_connect("localhost", $login,$dbpass,$dbname);
$db = mysqli_connect('localhost', 'root', '', 'multi_login');
session_start();

?>
<?php
$errorCorrectionLevel = 'L';
$matrixPointSize = 4;

if($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['verify_btn'])):
	/*
	echo "<pre>";
	print_r($_POST); 
	echo "</pre>";
	*/	 

	//set it to writable location, a place for temp generated PNG files
	$PNG_TEMP_DIR = dirname(__FILE__).DIRECTORY_SEPARATOR.'temp'.DIRECTORY_SEPARATOR;
	
	//html PNG location prefix
	$PNG_WEB_DIR = 'temp/';
	
	include "phpqrcode/qrlib.php";    
	
	//ofcourse we need rights to create temp dir
	if (!file_exists($PNG_TEMP_DIR))
	    mkdir($PNG_TEMP_DIR);    
	
	$filename = $PNG_TEMP_DIR.'test.png'; 
	/////////////////////////////////////

	if (isset($_REQUEST['level']) && in_array($_REQUEST['level'], array('L','M','Q','H'))):
        $errorCorrectionLevel = $_REQUEST['level'];  
	endif;  

    if (isset($_REQUEST['Pointsize'])):
        $matrixPointSize = min(max((int)$_REQUEST['Pointsize'], 1), 10);
	endif;


	
		if((!empty($_REQUEST['property_type']) && in_array($_REQUEST['property_type'], array('TBA1','TBA2','TBA3'))) && !empty($_REQUEST['location']) && !empty($_REQUEST['size'])):
		
		$data = 'Property Type: ' .$_REQUEST['property_type']."\n";
	    $data .= 'Location: ' .$_REQUEST['location']."\n";
	    $data .= 'Size: ' .$_REQUEST['size']."\n";
		$filename = $PNG_TEMP_DIR.'test'.md5($data.'|'.$errorCorrectionLevel.'|'.$matrixPointSize).'.png'; 
		QRcode::png($data, $filename, $errorCorrectionLevel, $matrixPointSize, 2);		
		endif;
		/*
		$imgData = addslashes(file_get_contents($filename));
		$imageProperties = getimageSize($filename);
		
		$sql = "INSERT INTO trial (imageType ,imageData, user_id)
		VALUES('{$imageProperties['mime']}', '{$imgData}','".$_SESSION['id']."')";
		mysqli_query($db, $sql) or die("<b>Error:</b> Problem on Image Insert<br/>" . mysqli_error($db)); 
		$current_id = mysqli_insert_id($db);
		*/ 
		
		$imgData = file_get_contents($filename);
		$imageProperties = getimageSize($filename);
		
		$sql = "INSERT INTO property (imageType ,imageData, user_id, property_id,location,size) VALUES(?,?,?,?,?,?)";		
		$query = $db->prepare($sql);		
		$query->bind_param("ssisss", $imageProperties['mime'], $imgData, $_SESSION['id'],'$property_id','$location','$size'); 		
		$query->execute();
		$current_id = $query->insert_id;
				 
		//Optional removal of physical temp image  
		unlink($filename); 
	endif;

?>

<form method= "post" action="">
			<div class="container mt-3">
			 <label><i class="fa fa-building"></i>Property Type</label>
				<select name="property_type" class="form-control" required ="required" >
				<option value="" > ~ Select Address ~ </option>
				<option value="TBA1">TBA1</option>
				<option value="TBA2">TBA2</option>
				<option value="TBA3">TBA3</option>
				</select>
		</div>
		<div class="container mt-3">
			  	<label><i class="fa fa-map-marker"></i>Location</label>
			  	<input type="text" name="location" class="form-control" required ="required">
		</div>
		<div class="container mt-3">
			  	<label>Size</label>
			  	<input type="text" name="size" class="form-control" required ="required">
		</div>
		<div class="mb-3 mt-3">
					<button type="submit" class="btn btn-primary" name="verify_btn">Submit</button>
		</div>
	</form>

Fatal error : Uncaught Error: Cannot pass parameter 5 by reference in C:\xampp\htdocs\ims\admin\new2.php:66 Stack trace: #0 {main} thrown in C:\xampp\htdocs\ims\admin\new2.php on line 66

mabismad · December 10, 2021, 9:19am

You can only bind php variables. Some of those are not just php variables and will produce the error you are getting.

qwerty · December 10, 2021, 9:23am

I already remove ‘$property_id’,‘$location’,‘$size’ and I’m getting other error which is Fatal error : Uncaught Error: Call to a member function bind_param() on boolean = $query->bind_param(“ssi”, $imageProperties[‘mime’], $imgData, $_SESSION[‘id’]);

mabismad · December 10, 2021, 9:45am

Edit: what’s the deal with OPs deleting posts and wasting member’s time writing replies.

Wouldn’t that mean that $query is a boolean (false) value, rather than the expected mysqli prepared statement object, because the ->prepare() call failed?

You always need error handling for statements that can fail. For database statements that can fail - connection, query, prepare, and execute, the simplest way of adding error handling, without adding logic at each statement, is to use exceptions for errors and in most cases let php catch and handle the exception, where php will use its error related settings to control what happens with the actual error information (database statement errors will ‘automatically’ get displayed/logged the same as php errors.) To use exceptions for mysqli errors, add the following line of code before the point where you make the database connection -

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

droopsnoot · December 10, 2021, 6:03pm

Why were these in quotes? That’s why you were having earlier problems - you’re passing in quoted strings.

Show us the new code, including the query.

SpacePhoenix · December 10, 2021, 8:03pm

Session IDs are an alphanumeric string, not an integer

Drummin · December 10, 2021, 9:23pm

My version does not have property_id as I have no idea where that is coming from. I believe the original pass by reference error came from using this string

'unverified'

Instead of defining a variable and passing it as the bind_param value.

$status = 'unverified';

Regarding defining type as 'i' or 's' for a session ID I think what matters more is the type of DB field you are dealing with, i.e. querying into or against, and if session ID was set as an integer from a query result. I suspect his user_id field may not be type integer.

Working with his sql sample he sent me through PM I have this query, which is working fine.

if((!empty($_REQUEST['property_type']) && in_array($_REQUEST['property_type'], array('TBA1','TBA2','TBA3'))) && !empty($_REQUEST['location']) && !empty($_REQUEST['size'])):
	
	$data = 'Property Type: ' .$_REQUEST['property_type']."\n";
    $data .= 'Location: ' .$_REQUEST['location']."\n";
    $data .= 'Size: ' .$_REQUEST['size']."\n";
	$filename = $PNG_TEMP_DIR.'test'.md5($data.'|'.$errorCorrectionLevel.'|'.$matrixPointSize).'.png'; 
	QRcode::png($data, $filename, $errorCorrectionLevel, $matrixPointSize, 2);		
		 
					   
	$imgData = file_get_contents($filename);
	$imageProperties = getimageSize($filename);
	$status = 'unverified';
		
	$sql ="INSERT INTO property (property_type, location, size, imageType, imageData, user_id, status) 
		VALUES (?,?,?,?,?,?,?)";
	
	$query = $db->prepare($sql);		
	$query->bind_param("sssssis", $_REQUEST['property_type'], $_REQUEST['location'], $_REQUEST['size'], $imageProperties['mime'], $imgData, $_SESSION['id'], $status); 		
	$query->execute();
	$current_id = $query->insert_id;
			 
	//Optional removal of physical temp image  
	unlink($filename); 
endif;

system · March 12, 2022, 4:23am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.