Solved

Call to a member function fetchAll() on a non-object

Posted on 2014-03-07
14
4,055 Views
Last Modified: 2014-03-09
hi,

i have the following function which i call upon logging in and it keep giving me the call on non-object what am i missing here. if i replace the prepare and just use ->query it seems to be fine but i read that if i do it that way i would run the risk of injection. any help is greatly appreciated

$conn= is my database connection

function get_session_data($userid){
	
	global $conn;
	//SELECT THE ITEMS FROM THE DATABASE YOU WANT
	$items="*";
	$senstive=array("password", "uuk","secret_q1","secret_q2","secret_ans1","secret_ans2");
	
	//GET THE INFORMATION FROM THE DATABASE
	$sql="SELECT ".$items." FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$data=$res->execute(array(":uid"=>$userid));
	$row = $data->fetchAll(PDO::FETCH_ASSOC);
	if($row){	
		foreach($row as $col =>$info){
			//DO NOT STORE THE PASSWORD OR OTHER SENSITIVE DATA
			if(!in_array($col,$senstive)){
			//SET EACH DATA VARIABLE AS A SESSION VARAIBLE
		
				$_SESSION[$col] =$info;	
			}
		}
	}else{
		//QUERY FAILED
		$warning="SESSION ERROR WITH SESSION".$conn->errorCode();
		print_r($warning);
		die;	
		
	}
	
}

Open in new window

0
Comment
Question by:M. Jayme Nagy
  • 5
  • 4
  • 4
14 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39913907
The most frequent cause of this message is a failing query.  The script did not test for query success and tried to use the result resource as if it were valid.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39913913
Try removing the colon from this statement.  It's used for the placeholder signal in the query string, but the array needs to use the field name without the colon.  I don't know why they designed it this way -- it's confusing and it would be easy enough to ignore leading colon.  But alas...

$data=$res->execute(array(":uid"=>$userid));

Change to:

$data=$res->execute(array("uid"=>$userid));

Some working examples are available in this article:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html

If you look carefully at the way errors and exceptions are handled you will find ways to get PHP to tell you what went wrong.

HTH, ~Ray
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913917
so i

var_dump($data) = bool(true)

$data=$res->execute(array(":uid"=>$userid));
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913925
Oh i have been bouncing back and forth between that page, php.net and my project

 i changed

$data=$res->execute(array("uid"=>$userid));

same thing

i also tried
$row = $data->fetch(PDO::FETCH_ASSOC);
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913926
Try this amendment

...
	$data=$res->execute(array(":uid"=>$userid));
	$row_count=$data->rowCount()
	$row = $data->fetchAll(PDO::FETCH_ASSOC);
	if($row_count>0){
...

Open in new window

0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39913927
Just edited my earlier comment - refer back :-)
0
 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 39913933
Scrap the above.

...
	$res=$conn->prepare($sql);
	$res->execute(array(":uid"=>$userid));
	$row = $res->fetchAll(PDO::FETCH_ASSOC);
...

Open in new window


Notice you just execute the statement, no assignment.
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913941
i tried both ways no luck and when i do the row count

 Call to a member function rowCount()
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913945
The colons is a preferential thing, you don't need them as pdo understands what you mean but it is the documented method.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39913947
This might work better.  It's not a complete solution but at least it will give you some hope of getting an error message that means something.  Obviously it's untested code because we do not have your data set, but it may be worth a try.

function get_session_data($userid)
{
    // A PDO OBJECT
    global $conn;
    var_dump($conn);
    
    // SELECT THE ITEMS FROM THE DATABASE YOU WANT
    $items = "*";
    
    // LIST THE COLUMN NAMES YOU DO NOT WANT
    $senstive = array("password", "uuk","secret_q1","secret_q2","secret_ans1","secret_ans2");
    
    // QUERY TO GET THE INFORMATION FROM THE DATABASE
    $sql  = "SELECT $items FROM bb_users WHERE uid=:uid LIMIT 1";
    
    // PREPARE THE QUERY
    try 
    {     
        $pdos = $conn->prepare($sql); 
    } 
    catch(PDOException $exc) 
    { 
        var_dump($exc);
        trigger_error($exc->getMessage(), E_USER_ERROR);
    }

    // BIND THE VARIABLE AND TRY THE QUERY
    $pdos->bindParam(':uid', $userid, PDO::PARAM_STR);

    try
    {
        $pdos->execute();
    }
    catch(PDOException $exc)
    {
        var_dump($exc);
        trigger_error($exc->getMessage(), E_USER_ERROR);
    }

    // ONLY ONE ROW WILL BE RETURNED
    $row = $pdos->fetchAll(PDO::FETCH_OBJ);
    
    // SHOW THE DATA
    var_dump($row);
}

Open in new window

If that gives you sensible results, you can add the rest of the logic back in and remove the calls to var_dump().
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913948
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913951
how is your method different than mine

original
$sql="SELECT * FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$data=$res->execute(array(":uid"=>$userid));
	$row = $data->fetchAll(PDO::FETCH_ASSOC);

Open in new window


than yours - i thought mine just broke it out into more variables
$sql="SELECT ".$items." FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$res->execute(array(":uid"=>$userid));
	$row = $res->fetchAll(PDO::FETCH_ASSOC);

Open in new window

0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39913956
Parentheses do not belong in the WHERE clause of this query.  I'll bet if there is error visualization that will be one of the things that SQL objects to.

To anyone coming across this question and answer in the future, please stop what you're doing and instead read the article linked below, carefully, for understanding.  The basics have all been covered in detail, with well-commented code examples that teach safe and predictable ways of getting the results you need.  If you want to be a programmer you have to understand this stuff!  Code fragments without any test data are a sure way to get confused and stay confused.  Don't waste your time guessing.   The article maps familiar SQL operations onto various data base extensions, including MySQL, MySQLi, and PDO (MySQL).

http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question