Link to home
Start Free TrialLog in
Avatar of ahmed dinar
ahmed dinar

asked on

trying to get property of non-object

i have a problme in my php code .. trying to get property  of non object ..this is the code .
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "job_database";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) 
{
    die("Connection failed: " . $conn->connect_error);
} 

if(isset($_POST['Get']))
{
    $jtitle = $_POST['jobtitle'];
    $location = $_POST['location'];
    $category = $_POST['categories'];
    //Query specified database for value
    $sql = "SELECT jtitle , location, category FROM addjob where jtitle =".$jtitle." AND location =".$location." AND category =".$category." " ;
 $result = $conn->query($sql);
}

if ($result->num_rows > 0) {

  // output data of each row
 while($row = $result->fetch_assoc()) {
 echo "jtitle: " . $row["jtitle"]. "location:" . $row["location"]. "category" . $row["category"]."<br>";
    }
} else {
    echo "0 results";
}

$conn->close();
?>

Open in new window

Avatar of mohan singh
mohan singh
Flag of India image
Your query syntax is wrong

Your write  like this 
 $sql = "SELECT jtitle , location, category FROM addjob where jtitle =".$jtitle." AND location =".$location." AND category =".$category." " ;

Open in new window


Do like this
 $sql = "SELECT jtitle , location, category FROM addjob where jtitle ='$jtitle' AND location ='$location'  AND category ='$category' " ;

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Olaf Doschke
Olaf Doschke
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of gr8gonzo
gr8gonzo
Flag of United States of America image
Also, last note - your code is susceptible to SQL injection. Make sure you either run mysqli_real_escape_string on your variables BEFORE you use them in your query:
http://php.net/manual/en/mysqli.real-escape-string.php

...or use prepared statements:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php

Either approach will fix this vulnerability.
Avatar of gr8gonzo
gr8gonzo
Flag of United States of America image
If this question is going to be closed, the answer to the original problem is addressed by Olaf in answer
#42520465. He should get full points.
Avatar of gr8gonzo
gr8gonzo
Flag of United States of America image
Also, @mohan, the query syntax is not wrong. It works either way (and your suggested way actually performs a tiny bit worse). If you are going to suggest the OP's code is wrong, please test it first to make sure you are right before making that suggestion.