Solved

Call to a member function fetchAll() on a non-object

Posted on 2014-03-07
14
4,002 Views
Last Modified: 2014-03-09
hi,

i have the following function which i call upon logging in and it keep giving me the call on non-object what am i missing here. if i replace the prepare and just use ->query it seems to be fine but i read that if i do it that way i would run the risk of injection. any help is greatly appreciated

$conn= is my database connection

function get_session_data($userid){
	
	global $conn;
	//SELECT THE ITEMS FROM THE DATABASE YOU WANT
	$items="*";
	$senstive=array("password", "uuk","secret_q1","secret_q2","secret_ans1","secret_ans2");
	
	//GET THE INFORMATION FROM THE DATABASE
	$sql="SELECT ".$items." FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$data=$res->execute(array(":uid"=>$userid));
	$row = $data->fetchAll(PDO::FETCH_ASSOC);
	if($row){	
		foreach($row as $col =>$info){
			//DO NOT STORE THE PASSWORD OR OTHER SENSITIVE DATA
			if(!in_array($col,$senstive)){
			//SET EACH DATA VARIABLE AS A SESSION VARAIBLE
		
				$_SESSION[$col] =$info;	
			}
		}
	}else{
		//QUERY FAILED
		$warning="SESSION ERROR WITH SESSION".$conn->errorCode();
		print_r($warning);
		die;	
		
	}
	
}

Open in new window

0
Comment
Question by:M. Jayme Nagy
  • 5
  • 4
  • 4
14 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39913907
The most frequent cause of this message is a failing query.  The script did not test for query success and tried to use the result resource as if it were valid.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39913913
Try removing the colon from this statement.  It's used for the placeholder signal in the query string, but the array needs to use the field name without the colon.  I don't know why they designed it this way -- it's confusing and it would be easy enough to ignore leading colon.  But alas...

$data=$res->execute(array(":uid"=>$userid));

Change to:

$data=$res->execute(array("uid"=>$userid));

Some working examples are available in this article:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html

If you look carefully at the way errors and exceptions are handled you will find ways to get PHP to tell you what went wrong.

HTH, ~Ray
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913917
so i

var_dump($data) = bool(true)

$data=$res->execute(array(":uid"=>$userid));
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913925
Oh i have been bouncing back and forth between that page, php.net and my project

 i changed

$data=$res->execute(array("uid"=>$userid));

same thing

i also tried
$row = $data->fetch(PDO::FETCH_ASSOC);
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913926
Try this amendment

...
	$data=$res->execute(array(":uid"=>$userid));
	$row_count=$data->rowCount()
	$row = $data->fetchAll(PDO::FETCH_ASSOC);
	if($row_count>0){
...

Open in new window

0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39913927
Just edited my earlier comment - refer back :-)
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 39913933
Scrap the above.

...
	$res=$conn->prepare($sql);
	$res->execute(array(":uid"=>$userid));
	$row = $res->fetchAll(PDO::FETCH_ASSOC);
...

Open in new window


Notice you just execute the statement, no assignment.
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913941
i tried both ways no luck and when i do the row count

 Call to a member function rowCount()
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913945
The colons is a preferential thing, you don't need them as pdo understands what you mean but it is the documented method.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39913947
This might work better.  It's not a complete solution but at least it will give you some hope of getting an error message that means something.  Obviously it's untested code because we do not have your data set, but it may be worth a try.

function get_session_data($userid)
{
    // A PDO OBJECT
    global $conn;
    var_dump($conn);
    
    // SELECT THE ITEMS FROM THE DATABASE YOU WANT
    $items = "*";
    
    // LIST THE COLUMN NAMES YOU DO NOT WANT
    $senstive = array("password", "uuk","secret_q1","secret_q2","secret_ans1","secret_ans2");
    
    // QUERY TO GET THE INFORMATION FROM THE DATABASE
    $sql  = "SELECT $items FROM bb_users WHERE uid=:uid LIMIT 1";
    
    // PREPARE THE QUERY
    try 
    {     
        $pdos = $conn->prepare($sql); 
    } 
    catch(PDOException $exc) 
    { 
        var_dump($exc);
        trigger_error($exc->getMessage(), E_USER_ERROR);
    }

    // BIND THE VARIABLE AND TRY THE QUERY
    $pdos->bindParam(':uid', $userid, PDO::PARAM_STR);

    try
    {
        $pdos->execute();
    }
    catch(PDOException $exc)
    {
        var_dump($exc);
        trigger_error($exc->getMessage(), E_USER_ERROR);
    }

    // ONLY ONE ROW WILL BE RETURNED
    $row = $pdos->fetchAll(PDO::FETCH_OBJ);
    
    // SHOW THE DATA
    var_dump($row);
}

Open in new window

If that gives you sensible results, you can add the rest of the logic back in and remove the calls to var_dump().
0
 
LVL 58

Expert Comment

by:Gary
ID: 39913948
0
 
LVL 6

Author Comment

by:M. Jayme Nagy
ID: 39913951
how is your method different than mine

original
$sql="SELECT * FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$data=$res->execute(array(":uid"=>$userid));
	$row = $data->fetchAll(PDO::FETCH_ASSOC);

Open in new window


than yours - i thought mine just broke it out into more variables
$sql="SELECT ".$items." FROM bb_users WHERE uid=(:uid) LIMIT 1";	
	$res=$conn->prepare($sql);
	$res->execute(array(":uid"=>$userid));
	$row = $res->fetchAll(PDO::FETCH_ASSOC);

Open in new window

0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39913956
Parentheses do not belong in the WHERE clause of this query.  I'll bet if there is error visualization that will be one of the things that SQL objects to.

To anyone coming across this question and answer in the future, please stop what you're doing and instead read the article linked below, carefully, for understanding.  The basics have all been covered in detail, with well-commented code examples that teach safe and predictable ways of getting the results you need.  If you want to be a programmer you have to understand this stuff!  Code fragments without any test data are a sure way to get confused and stay confused.  Don't waste your time guessing.   The article maps familiar SQL operations onto various data base extensions, including MySQL, MySQLi, and PDO (MySQL).

http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WordPress Themes 10 34
php string masking 4 29
hiding/removing php extension - best practice 4 25
How to loop bootstrap columns which contain database records 9 23
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now