0

First of all, please take on mind that I was trying to fix this problem for a hours so please don't "judge" me that I'm posting the same question that has been already answered... I visited these posts here:

Fatal error: Call to a member function close() on a non-object. MySQLi issue and http://w3guy.com/fatal-error-call-member-function-fetch_object-non-object/

but these kinda does not work for me and I don't know why...

My CODE:

<?php
include_once 'db_connect.php';
include_once 'psl-config.php';

$error_msg = "";

if (isset($_POST['username'], $_POST['email'], $_POST['p'])) {
    // Sanitize and validate the data passed in
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
    $email = filter_var($email, FILTER_VALIDATE_EMAIL);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        // Not a valid email
        $error_msg .= '<p class="error">The email address you entered is not valid</p>';
    }

    $password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);

    // Username validity and password validity have been checked client side.
    // This should should be adequate as nobody gains any advantage from
    // breaking these rules.
    //

    $prep_stmt = "SELECT id FROM members WHERE email = ? LIMIT 1";
    $stmt = $mysqli->prepare($prep_stmt);

   // check existing email  
    if ($stmt) {
        $stmt->bind_param('s', $email);
        $stmt->execute();
        $stmt->store_result();

        if ($stmt->num_rows == 1) {
            // A user with this email address already exists
            $error_msg .= '<p class="error">A user with this email address already exists.</p>';
                        $stmt->close();
        }
                $stmt->close();
    } else {
        $error_msg .= '<p class="error">Database error Line 39</p>';
                $stmt->close();
    }

    // check existing username
    $prep_stmt = "SELECT id FROM members WHERE username = ? LIMIT 1";
    $stmt = $mysqli->prepare($prep_stmt);

    if ($stmt) {
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();

                if ($stmt->num_rows == 1) {
                        // A user with this username already exists
                        $error_msg .= '<p class="error">A user with this username already exists</p>';
                        $stmt->close();
                }
                $stmt->close();
        } else {
                $error_msg .= '<p class="error">Database error line 55</p>';
                $stmt->close();
        }

    // TODO: 
    // We'll also have to account for the situation where the user doesn't have
    // rights to do registration, by checking what type of user is attempting to
    // perform the operation.

    if (empty($error_msg)) {

        // Create salted password 
        $passwordHash = password_hash($password, PASSWORD_BCRYPT);

        // Insert the new user into the database 
        if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password) VALUES (?, ?, ?)")) {
  $insert_stmt->bind_param('sss', $username, $email, $passwordHash);
            // Execute the prepared query.
            if (! $insert_stmt->execute()) {
                header('Location: ../error.php?err=Registration failure: INSERT');
            }
        }
        header('Location: ./continue.php');
    }
}
Community
  • 1
  • 1
Steven
  • 17
  • 1
  • 9
  • Ok... What action are you taking when you have this error message? – bcesars Mar 12 '15 at 19:39
  • @bcesars - Registration – Steven Mar 12 '15 at 19:42
  • Check each `$stmt->close();` inside IF/ELSE Statement. there is something logical goes wrong in your code. You need to check step by step when executing your code. – bcesars Mar 12 '15 at 19:51
  • you try to close() sometimes twice. – steven Mar 12 '15 at 19:55
  • I got exact 2 lines where these errors happen it's here : else { $error_msg .= '

    Database error line 55

    '; $stmt->close(); } And here : else { $error_msg .= '

    Database error Line 39

    '; $stmt->close(); }     – Steven Mar 12 '15 at 19:56
  • Try to remove both of then... If `$stmt` returns false, you won't be need to close. And I saw what @steven said: You trying to close() twice. – bcesars Mar 12 '15 at 20:02

1 Answers1

0
if ($stmt->num_rows == 1) {
     $error_msg .= '<p class="error">A user with this email address already exists.</p>';
     $stmt->close();
}
$stmt->close();

should be

if ($stmt->num_rows == 1) {
    $error_msg .= '<p class="error">A user with this email address already exists.</p>';
    $stmt->close();
} else {
    $stmt->close();
}

otherwise you close it twice in case of num_rows == 1.

or better:

if ($stmt->num_rows == 1) {
    $error_msg .= '<p class="error">A user with this email address already exists.</p>';
}
$stmt->close();

another fact is: in the ELSE of your IF($stmt) you cannot do $stmt->close(); because $stmt does not exist.

steven
  • 4,868
  • 2
  • 28
  • 58