Feeling a little stupid to ask such a question, but this code block is driving me crazy.
function __construct() {
$db = new db();
$this->db = $db->pdo;
}
function getEmployeeDetails() {
$eid = $this->db->quote($this->eid);
try {
$sql = $this->db->query("
SELECT email, cnumber
FROM employees
WHERE EID = $eid
");
$r = $sql->fetch();
$this->email = $r[0];
$this->cnumber = $r[1];
}
catch (PDOException $e) {
throw new Exception("failed");
}
}
It doesn't throw an exception but fails inside the try block - "Call to a member function fetch() on a non-object".
var_dump of the statement object returns 'false'. Why?
I've tried running the query independently, inside MySql. It returns 1 row.
It's hard to tell whether you have done this, but PDO doesn't throw exceptions by default, except on connection failures. You have to specifically add this:
$this->db = $db->pdo;
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
Without this, errors that occur during the query will cause ->query() to return false and that's obviously not an object that will have the ->fetch() method. You can also specify this attribute as part of the constructor call.
Also, you could use prepared statements instead of using ->quote():
$stmt = $this->db->prepare("SELECT email, cnumber
FROM employees
WHERE EID = ?");
$stmt->execute(array($this->eid));
$r = $stmt->fetch();
Related
I'm getting the error:
Call to a member function fetch() on a non-object
The line this refers to is:
$getProjectIdResult = $stmt->fetch();
Now, I think from this error that there must be something wrong with my database query, since the documentation says PDO query returns false on failure. I'm having trouble identifying what is causing the issue.
I've tried wrapping the fetch in a try/catch, with
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
However the catch isn't triggered and I just get the original fatal error so I haven't been able to get a more specific error.
classes.php
class Query extends Connection {
public function getProjectID($surveyID) {
$query_getProjectID = "SELECT projectID FROM test WHERE surveyID = :surveyID";
$query_getProjectID_params = array(
':surveyID' => $surveyID
);
try {
$stmt = $this->db->prepare($query_getProjectID);
$stmt = $stmt->execute($query_getProjectID_params);
}
catch (PDOException $ex) {
die("Failed to get project ID: " . $ex->getMessage());
}
$getProjectIdResult = $stmt->fetch();
$getProjectID = $getProjectIdResult['projectID'];
return $getProjectID;
}
}
test.php
include_once("includes/classes.php");
include_once("includes/functions.php");
// Bind $_GET data
// localhost/panel/test.php?surveyID=3&status=1&respondentID=666
// Expected result: 111
$surveyID = sanitise($_GET['surveyID']);
$status = sanitise($_GET['status']);
$respondentID = sanitise($_GET['respondentID']);
$con = new Connection();
$query = new Query();
$query->getProjectID($surveyID);
$con->closeConnection();
I've ruled out the sanitise function causing an issue by testing with and without it.
I apologise as I know this is probably just another amateur making another amateur mistake judging by how many posts there are by the same title.
When you call
$stmt = $stmt->execute($query_getProjectID_params);
You assign the return-value of execute() to $stmt, overwriting the variable, making it a boolean instead of an object. When you continue, $stmt no longer holds the PDOStatement object, but is now a boolean.
The solution is simply to remove the overwrite of your object, like this (remove $stmt = in front).
$stmt->execute($query_getProjectID_params);
http://php.net/pdostatement.execute
I red several questioins, but no one helped.
Fatal error: Call to a member function bind_param() on boolean in -> nope.
Fatal error: Call to a member function prepare() on null -> nope.
Fatal error: Call to a member function count() on boolean -> nope.
Fatal error Call to a member function prepare() on null -> nope.
fatal error call to a member function prepare() on resource -> nope.
Error: Call to a member function prepare() on a non-object -> nope. I am done..
I am using PHP5 and mySql with PDO:
Connection and Select works fine, but the Insert didnt want to work.
That's my function:
function AddNewUser($nickname, $email)
{
ini_set('display_errors', 1); //DELETE ME
ini_set('expose_php', 1); //DELETE ME
$pdo = EstablishDBCon();
echo "Subscribe user..<br/>";
$sql = "INSERT INTO db.table (nickname, email, insertdate, updatedate) VALUES (:nickname, :email, :insertdate, :updatedate)";
try {
$stmt = $pdo->prepare($sql); //Error at this line
//id?
$stmt->bindParam(':nickname', $nickname, PDO::PARAM_STR);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':insertdate', date("Y-m-d H:i:s"), PDO::PARAM_STR);
$stmt->bindParam(':updatedate', null, PDO::PARAM_NULL);
$stmt->exeute();
CloseDBCon($pdo);
echo "Subscribed!<br/>";
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
}
The DB pattern is:
id (int not null auto_inc) | nickname (varchar not null) | email (varchar not null) | insertdate (datetime) | updatedate (datetime)
I am new to php and I do not understand that type of error.
I marked the line inside the code, where the error is thrown:
$stmt = $pdo->prepare($sql); //Error at this line
Can someone help me?
Thanks in advance!
//EDIT:
Connection aka db_connection.php:
<?php
echo 'Establishing MySQL Connection<br/>';
$pdo = null;
$dsn = 'mysql: host=xx; dbname=xx';
$dbUser = 'xx';
$pw = 'xx';
try {
$pdo = new PDO($dsn, $dbUser, $pw);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo 'Connection established.<br/>';
}
catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
return $pdo;
?>
Here is the EstablishDBCon function:
function EstablishDBCon()
{
$pdo = include_once 'db_connection.php';
return $pdo;
}
The best way to reuse functions is to put it inside of the include file, then include it at the top of each file you'll need it. So inside of your db_connection.php, create your function:
function EstablishDBCon()
{
$pdo = false;
try{
// Put your PDO creation here
} catch (Exception $e) {
// Logging here is a good idea
}
return $pdo;
}
Now you can use that function wherever you need it. Make sure you always make sure $pdo !== false before you use it, to make sure your connection hasn't failed.
The problem is in the function EstablishDBCon(), which expects the include_once statement to return a value as if the contents of the included file are a function.
function EstablishDBCon()
{
$pdo = include_once 'db_connection.php';
return $pdo;
}
But that's not how include_once works here:
if the code from a file has already been included, it will not be included again, and include_once returns TRUE.
That's why you end up with TRUE (a boolean) in your $pdo variable.
In any event, this kind of construction makes your code really hard to follow.
I recommend only using include and friends to combine self-contained PHP functions together, or to embed parts of HTML pages in one another.
Call to a member function on boolean in this case means that $pdo is not an object, it's a boolean. So it's likely that EstablishDBCon() is returning either a true on success or false otherwise, as opposed to a database resource. Double-check the docs on that function. Here's a link to some relevant documentation on PDO that you'll need.
I'm trying to get my head around PDO transactions to commit a fairly complex set of MySQL queries at once. When I run the transaction however, it will commit one query and not the other - if there is a single error in either query I expect it to roll back both queries and not make changes to either table.
So far:
My connect.php file:
class DbConnect {
private $conn;
function __construct() {
}
/**
* Establishing database connection
* #return database connection handler
*/
function connect() {
//Where HOST, USER, PASS etc are set
include_once "./dbconfig.php";
// Establish the connection
try {
$this->conn = new PDO("mysql:host=".HOST.";dbname=".DBNAME, USER, PASS);
$this->conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
return $this->conn;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die();
}
}
}
My file where I'm trying to pass the simultaneous SQL queries
public function transaction ($userId, $amount){
//Creates the PDO connection EDIT: added my DB connection
$db = new DbConnect();
$this->conn = $db->connect();
$con = $this->conn;
$con->beginTransaction();
try{
$sql = "INSERT INTO transactions (id_user, amount) VALUES (?, ?)";
$trans = $con->prepare($sql);
$trans->execute([$userId, $amount]);
//If I purposely create an error here the query above still runs in the database e.g. remove the $amount variable
$this->updateBalance($userId, $amount);
$con->commit();
return true;
}
catch (PDOException $e) {
$con->rollBack();
throw $e;
}
}
private function updateBalance ($userId, $amount){
$time = time();
$sql = "UPDATE balance SET balance=balance + ? WHERE user_id = ?";
$stmt = $this->conn->prepare($sql);
$stmt->execute([$amount, $userId]);
$row_count = $stmt->rowCount();
return $row_count > 0;
}
The above is just a small sample of a bigger more complex procedure otherwise I'd just put the balance query in the same place as the transaction, however I need to keep it in a separate function. Any ideas how I can get this into an "All or nothing" commit state?
Well first of all you are not checking the return status of the call to your second function
$this->updateBalance($userId, $amount);
So how will you know there is an error even if there is one?
If you make that called function Throw an exception rather than returning a status, it should be caught by the calling blocks catch() block causing the rollback() and not the commit()
Something like this
public function transaction ($userId, $amount){
//Creates the PDO connection
$con = $this->conn;
$con->beginTransaction();
try{
$sql = "INSERT INTO transactions (id_user, amount) VALUES (?, ?)";
$trans = $con->prepare($sql);
$trans->execute([$userId, $amount]);
// If I purposely create an error here the
// query above still runs in the database
// e.g. remove the $amount variable
$this->updateBalance($userId, $amount);
$con->commit();
return true;
}
catch (PDOException $e) {
$con->rollBack();
throw $e;
return false;
}
}
/*
* If this function throws an exception
* rather than returning a status, then it will
* stop execution of the try block and
* be caught by the calling blocks catch() block
*/
private function updateBalance ($userId, $amount){
$sql = "UPDATE balance SET balance=balance + ? WHERE user_id = ?";
$stmt = $this->conn->prepare($sql);
$res = $stmt->execute([$amount, $userId]);
if ( ! $res ) {
throw new Exception('It errored');
}
}
Alternatively you could make all PDO calls throw exceptions by setting PDO::ERRMODE_EXCEPTION just after you connect to your database.
$dbh = new PDO($dsn, $user, $password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
However, this may be to major a change to PDO's error processing depending on how much code you have already produced.
I am having an issue executing the below code. I get an error: Fatal error: Call to a member function prepare() on null in C:\xampp\htdocs... everytime I run it. It errors out right when it is about to query the database for some reason.
I am creating a function to check a username and password, and if it matches, log the user in and so forth. What I am trying to do is feed the outer function a username and a password, then pass those variables to the inner function (checkUser) to retrieve the user and password. Once I have those in an array, I want to compare to see if they match. If they do, then I want to continue on (I left the rest out for simplicity's sake). I don't know why I am getting the error I am getting, especially since it won't even run the 3rd line in the CheckUser without a fatal error.
This is homework, fyi, cards on the table. Just trying to get past this part. Thanks for any help.
function isValidUser($username, $password){
$checker = checkUser($username, $password);
if ($checker[user_email] == $username && $checker[user_pwd] == $password ) {
return TRUE;
}
}
function checkUser($username, $password) {
global $db;
$st = $db -> prepare('SELECT * FROM user WHERE user_email = ? and user_pwd = ?;');
$st -> bindParam(1, $username);
$st -> bindParam(2, $password);
$st -> execute();
return $st -> fetch(PDO::FETCH_ASSOC);
}
try this instead of global $db
$db = $GLOBALS['db'];
this is my current Database class:
class Database {
private $db;
function Connect() {
$db_host = "localhost";
$db_name = "database1";
$db_user = "root";
$db_pass = "root";
try {
$this->db = new PDO("mysql:host=" . $db_host . ";dbname=" . $db_name, $db_user, $db_pass);
} catch(PDOException $e) {
die($e);
}
}
public function getColumn($tableName, $unknownColumnName, $columnOneName, $columnOneValue, $columnTwoName = "1", $columnTwoValue = "1") {
$stmt = $this->db->query("SELECT $tableName FROM $unknownColumnName WHERE $columnOneName='$columnOneValue' AND $columnTwoName='$columnTwoValue'");
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $results[0][$unknownColumnName];
}
}
I'm trying to run it using the following code:
$db = new Database();
$db->Connect();
echo $db->getColumn("Sessions", "token", "uid", 1);
And i get the following error:
PHP Fatal error: Call to a member function fetchAll() on a non-object in /Users/RETRACTED/RETRACTED/root/includes/Database.php on line 19
Any idea what's up? Thanks
This function is prone to SQL injection.
This function won't let you get a column using even simplest OR condition.
This function makes unreadable gibberish out of almost natural English of SQL language.
Look, you even spoiled yourself writing this very function. How do you suppose it to be used for the every day coding? As a matter of fact, this function makes your experience harder than with raw PDO - you have to learn all the new syntax, numerous exceptions and last-minute corrections.
Please, turn back to raw PDO!
Let me show you the right way
public function getColumn($sql, $params)
{
$stmt = $this->db->prepare($sql);
$stmt->execute($params);
return $stmt->fetchColumn();
}
used like this
echo $db->getColumn("SELECT token FROM Sessions WHERE uid = ?", array(1));
This way you'll be able to use the full power of SQL not limited to a silly subset, as well as security of prepared statements, yet keep your code comprehensible.
While calling it still in one line - which was your initial (and extremely proper!) intention.
it means your $stmt variable is not returning a PDOStatement object. your query is failing since PDO::query either returns a PDOStatement or False on error.
Use fetch instead of fetchAll..that will be easy in your case
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $results[0][$unknownColumnName];
It will be
$results = $stmt->fetch(PDO::FETCH_ASSOC);
return $results[$unknownColumnName];