致命错误:在非对象上调用成员函数query() [英] Fatal error: Call to a member function query() on a non object
问题描述
我遇到了这个错误:
致命错误:在第8行的/Applications/XAMPP/xamppfiles/htdocs/login.php中的非对象上调用成员函数query()
行是这样的:
$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
这是login.php:
$user = $_POST['user'];
$pass = $_POST['pass'];
$pw = md5($pass);
include_once('connect.php');
function check_login($user,$pw,&$result){
$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
$cont = 0;
while($row = $res->fetch_object()){
$cont++;
$result = $row;
}
if($cont == 1){
return 1;
}
else{
return 0;
}
}
if(!isset($_SESSION['userid'])){
if(isset($_POST['login'])){
if(check_login($user,$pw,$result) == 1){
session_start();
$_SESSION['userid'] = $result->id_user;
header("location:index.php?var=ok");
}
else{
header('location:index.php?var=log');
}
}
}
以及connect.php的代码:
$mysqli = new mysqli('localhost', 'root', 'pass', 'cms' );
if ($mysqli->connect_error) {
die('Error de Conexión (' . $mysqli->connect_errno . ') '
. $mysqli->connect_error);
}
可能是什么问题?连接数据库有问题吗?
这很可能是 编辑:哦,您还应该注意代码中的SQL注入漏洞.使用准备的语句可以防止此问题发生(或至少避免您的输入具有 I've got this error: Fatal error: Call to a member function query() on a non-object in /Applications/XAMPP/xamppfiles/htdocs/login.php on line 8 The line is this: This is login.php: And the code of connect.php : What could be the problem? Problems connecting the database? This is most likely a scoping issue. This means that the variable You could try to get the Edit: Oh, and you should also mind the SQL injection vulnerabiliy in your code. Use prepared statements to prevent this issue (or at least escape your input variables with a function like 这篇关于致命错误:在非对象上调用成员函数query()的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!mysqli::real_escape_string
)之类的函数的变量.>$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
$user = $_POST['user'];
$pass = $_POST['pass'];
$pw = md5($pass);
include_once('connect.php');
function check_login($user,$pw,&$result){
$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
$cont = 0;
while($row = $res->fetch_object()){
$cont++;
$result = $row;
}
if($cont == 1){
return 1;
}
else{
return 0;
}
}
if(!isset($_SESSION['userid'])){
if(isset($_POST['login'])){
if(check_login($user,$pw,$result) == 1){
session_start();
$_SESSION['userid'] = $result->id_user;
header("location:index.php?var=ok");
}
else{
header('location:index.php?var=log');
}
}
}
$mysqli = new mysqli('localhost', 'root', 'pass', 'cms' );
if ($mysqli->connect_error) {
die('Error de Conexión (' . $mysqli->connect_errno . ') '
. $mysqli->connect_error);
}
$mysqli
that you define in your included file is outside of the check_login
function's scope (i.e. is not known inside this function).$mysqli
variable from global scope withfunction check_login($user,$pw,&$result){
global $mysqli;
$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
// ...
mysqli::real_escape_string
).