0

It does not print the result. Dont know why. Everything is neatly commented

I get no error displays, no syntax blasphemes, it just does not print any result. However, I do know that the values are passed by the form to this processing php page, so the error is not in there. In the DB I have encrypted all fields except 'company'- Thus, I want to see if this will work by trying to fetch the results back.

// 1. Creating a new server connection

$db = new mysqli('localhost', 'root', '', 'developers');
if ($db->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}
// 2, Creating statement object
$stmt = $db->stmt_init();

// 3, Creating a prepared statement
if($stmt->prepare("SELECT company FROM accesoweb WHERE username = AES_DECRYPT(?, 'salt')")) {

//4. Binding the variable to replace the ?
    $stmt->bind_param('s', $username);

    printf("Error: %d.\n", $stmt->errno);


// 5. Executing query
    $stmt->execute();


// 6. Binding the result columns to variables
    $stmt->bind_result($company); 


// 7. Fetching the result of the query
    while($stmt->fetch()) {
        echo $company; 
    }

// 8. Closing the statement object
   $stmt->close();

// 9. Closing the connection

 $mysqli->close();

}

The inserting code that I just included in the MySQL was:

INSERT INTO accesoweb (company, username,email,password)
VALUES
 ('hola',
AES_ENCRYPT('maria','salt'),
AES_ENCRYPT('sumail','salt'),
AES_ENCRYPT('password',' salt')


);

So, that row above(actually, the "company" is what I am trying to recover through the PHP code

Improve this question
6
  • 1
    Is PHP or the webserver configured to output errors? Try a simpler script with debug trace and progressively add the code to see which line it fails on. Commented May 27, 2012 at 16:47
  • 1
    well, it does complain when i write wrong, it has been complaining all day, it is just that it stopped because 'presumably' i wiped all errors. In fact, I have this: error_reporting(E_ALL | E_STRICT); ini_set('display_errors', 'On'); at the top of my script Commented May 27, 2012 at 16:50
  • If I remember correctly, prepare is a method of the MySQLi object, not the MySQLiStatement object. Commented May 27, 2012 at 16:57
  • @Truth Both objects have a prepare() method, MySQLi::prepare() is just a shortcut so you don't have to call stmt_init(). I suspect you're thinking in PDO. Commented May 27, 2012 at 17:03
  • @iaintunderstand Your problem is most likely that the query returned no results - check the value of $stmt->num_rows to confirm. Commented May 27, 2012 at 17:06

1 Answer 1

Reset to default
3 
SELECT company FROM accesoweb WHERE username = AES_DECRYPT(?, 'salt')

Should be 

SELECT company FROM accesoweb WHERE username = AES_ENCRYPT(?, 'salt')

OR

SELECT company FROM accesoweb WHERE AES_DECRYPT(username, 'salt') = ?
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Bingo man! It is now 20:51. Been with it, since 09:00 writing the full code, going nuts through the internet for lack of a reliable example. That is why a book is so necessary. I could not find a reliable comprehensive tutorial so I had no way to learn, but by trial and error and bits here and there. Than you!!
that's a terrible logic bug to spot!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.