致命错误:在非对象上调用成员函数query() [英] Fatal error: Call to a member function query() on a non object

问题描述

我遇到了这个错误:

致命错误:在第8行的/Applications/XAMPP/xamppfiles/htdocs/login.php中的非对象上调用成员函数query()

行是这样的:

$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");

这是login.php:

$user = $_POST['user'];
$pass = $_POST['pass'];
$pw = md5($pass); 
include_once('connect.php');

function check_login($user,$pw,&$result){
    $res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
    $cont = 0;
    while($row = $res->fetch_object()){
        $cont++;
        $result = $row;
    }
    if($cont == 1){
        return 1;
    }
    else{
        return 0;
    }
}

if(!isset($_SESSION['userid'])){
  if(isset($_POST['login'])){
    if(check_login($user,$pw,$result) == 1){
        session_start();
        $_SESSION['userid'] = $result->id_user;
        header("location:index.php?var=ok");
    }
    else{
        header('location:index.php?var=log');
    }
  }
}

以及connect.php的代码:

$mysqli = new mysqli('localhost', 'root', 'pass', 'cms' );
if ($mysqli->connect_error) {
   die('Error de Conexión (' . $mysqli->connect_errno . ') '
        . $mysqli->connect_error);
 }

可能是什么问题?连接数据库有问题吗?

解决方案

这很可能是

编辑:哦，您还应该注意代码中的SQL注入漏洞.使用准备的语句可以防止此问题发生(或至少避免您的输入具有 mysqli::real_escape_string )之类的函数的变量.

I've got this error:

Fatal error: Call to a member function query() on a non-object in /Applications/XAMPP/xamppfiles/htdocs/login.php on line 8

The line is this:

$res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");

This is login.php:

$user = $_POST['user'];
$pass = $_POST['pass'];
$pw = md5($pass); 
include_once('connect.php');

function check_login($user,$pw,&$result){
    $res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
    $cont = 0;
    while($row = $res->fetch_object()){
        $cont++;
        $result = $row;
    }
    if($cont == 1){
        return 1;
    }
    else{
        return 0;
    }
}

if(!isset($_SESSION['userid'])){
  if(isset($_POST['login'])){
    if(check_login($user,$pw,$result) == 1){
        session_start();
        $_SESSION['userid'] = $result->id_user;
        header("location:index.php?var=ok");
    }
    else{
        header('location:index.php?var=log');
    }
  }
}

And the code of connect.php :

$mysqli = new mysqli('localhost', 'root', 'pass', 'cms' );
if ($mysqli->connect_error) {
   die('Error de Conexión (' . $mysqli->connect_errno . ') '
        . $mysqli->connect_error);
 }

What could be the problem? Problems connecting the database?

解决方案

This is most likely a scoping issue. This means that the variable $mysqli that you define in your included file is outside of the check_login function's scope (i.e. is not known inside this function).

You could try to get the $mysqli variable from global scope with

function check_login($user,$pw,&$result){
    global $mysqli;
    $res = $mysqli->query("SELECT * FROM user WHERE user='$user' and password='$pw'");
    // ...

Edit: Oh, and you should also mind the SQL injection vulnerabiliy in your code. Use prepared statements to prevent this issue (or at least escape your input variables with a function like mysqli::real_escape_string).

这篇关于致命错误:在非对象上调用成员函数query()的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！