2

Title kind of says it all, im paying 3 variables through function insertannounce and the database is throwing back an error: Fatal error: Cannot pass parameter 4 by reference.

fyi: id is not auto increment and date is a string.

requested info: php

for ($j = 0; $j < count($server_id); $j++){
  $found = 0;

if (isset($local_id[0])){

    for ($i = 0; $i < count($local_id); $i++) {
          if ($server_id[$j] == $local_id[$i]){
              $found = 1;
          }
    }
    if ($found == 0)
        insertAnnounce($server_id[$j], $server_message[$j], $server_date[$j]);  

 }
 else  //if both fields are empty
      insertAnnounce($server_id[$j], $server_message[$j], $server_date[$j]);                  
}

function: 

function insertAnnounce ($id, $message, $date){

         // $insert = $mysqli->query("INSERT announce (id, message, active, datestamp) VALUES ('{$id}', '{$message}', 'enabled', '{$date}')");
           if ($stmt = $mysqli->prepare("INSERT INTO announce (id, message, active, datestamp) VALUES (?, ?, ?, ?)"))
            {
             $stmt->bind_param("isss", $id, $message, 'enabled', $date);
             $stmt->execute();
             $stmt->close();
            }
    }

any ideas?, thanks!

jeroen
  • 91,079
  • 21
  • 114
  • 132
Albert D
  • 71
  • 1
  • 10
  • Which line exactly does the error message you get correspond to? Also please post an example of how you call `insertAnnounce()` (along with what parameters you pass to that function and how you define those variables). – SquareCat Dec 21 '13 at 01:57
  • Then why not add an extra parameter `$active` and do `function insertAnnounce ($id, $message, $active, $date){` ? I'm no PDO/MySQLi pro, but that's what I get out of it. – Funk Forty Niner Dec 21 '13 at 02:00
  • This answer may help shed some light on the subject => http://stackoverflow.com/a/13105389/1415724 – Funk Forty Niner Dec 21 '13 at 02:03
  • 1
    You should not modify the original code / question, but put new stuff below it as this way earlier answers will not make sense any more. – jeroen Dec 21 '13 at 02:05

2 Answers2

2

If you look at the manual on bind_param(), you see that all parameters are passed by reference, like &$var1, etc.

Your string is fixed and cannot be passed by reference, so you would need to do something like:

...
$var3 = 'enabled';
$stmt->bind_param("isss", $id, $message, $var3, $date);
...
jeroen
  • 91,079
  • 21
  • 114
  • 132
  • 1
    I guess I wasn't very far from the truth then. This, being before I saw the OP's added code. – Funk Forty Niner Dec 21 '13 at 02:02
  • now im getting Call to a member function prepare() on a non-object – Albert D Dec 21 '13 at 02:02
  • 1
    @AlbertD That is probably because `$mysqli` is not defined in the scope of the function. You need to pass it as a parameter. – jeroen Dec 21 '13 at 02:03
  • 1
    jeroen, that did the trick, I kind of figured that was the problem, but I was trying the wrong things to fix it. – Albert D Dec 21 '13 at 02:06
  • also, can anyone explain to me, or point me the right direction to why binding is important? – Albert D Dec 21 '13 at 02:08
  • 2
    @AlbertD With binding you don't have to worry about sql injection; variables with special characters breaking your query or hackers trying to modify your query. Without binding you would have to sanitize all variables you use in the query, in this case with `mysqli_real_escape_string()`. – jeroen Dec 21 '13 at 02:10
0

It seems like your $date variable is an object, and the parse function cannot parse a reference since objects can't be saved into the database. Use a $date->toString() or $date->toUnixTimestamp() method. (Depends on what $date is)

CharlyDelta
  • 938
  • 11
  • 31