0

I looked through all the previously asked similar questions and they all have different code so can't find an answer!

My problem is that my program returns

Fatal error: Call to a member function fetch() on a non-object

when my php code is run when requesting information from mysql database. Here is my code: 

<body>
<?php
// Connexion à la base de données
include_once("connexionMysql.php");

// test si bouton ok
if (isset($_POST['valid'])) {
    // construction de la req. 
    $requete="SELECT mdp, type FROM AY_users 
            WHERE login='.$_POST['login'].'"; 
    // exécution de la requête
    $reponse = $bdd->query($requete);

    if ($donnees=$reponse->fetch(PDO::FETCH_ASSOC)) {
        if ($donnees['mdp']==$_POST['mdp']) {
            // le mot de passe est le bon

            print "<br/>Authentification réussie ! <br/>\n";
            if($donnees['type']==0){
                header("Location: pageDaccueilAdmin.php");
            }
            if($donnees['type']==1){
                header("Location: pageDaccueilEnseignant.php");
            }
            if($donnees['type']==2){
                header("Location: pageDaccueilCher.php");
            }
        } else {
            print "Le mot de passe n'est pas le bon, veuillez reessayer<br/>";
            print "<a href='authentif.php'>Se reconnecter</a>";
        }
    } else {
        // sinon : login inexistant
        print "Ce login est inexistant, veuillez <br/>\n";
        print "1- <a href='authentif.php'>Se reconnecter</a>";
        print "2- <a href='creer.php'>créer un compte</a>";
    }

}

?>

It definitely connects to the database as I have a print statement to make sure. (mdp-->password)*

Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
Andrew Y
  • 23
  • 1
  • 7
  • it failed and you need to find out why http://php.net/manual/en/pdo.error-handling.php - http://php.net/manual/en/function.error-reporting.php – Funk Forty Niner Apr 12 '16 at 18:17
  • 3
    `$requete="SELECT mdp, type FROM AY_users WHERE login='".$_POST['login']."'";` That should fix your error, but will still leave you vulnerable to SQL injection attacks. – Patrick Q Apr 12 '16 at 18:19
  • Also, make use of the prepared statements to prevent SQL injection attacks. http://php.net/manual/en/pdo.prepared-statements.php – Eduardo Galván Apr 12 '16 at 18:19

2 Answers2

0

PDO::query() returns a PDOStatement object, or FALSE on failure.

Your query is failing (returning false). That's why you get the non-object error: $response is not an object. It's bool(false) in this case.

mferly
  • 1,646
  • 1
  • 13
  • 19
0

Yuo have wrong formatted quotes the your query don't get any istance from db

try this way 

$requete="SELECT mdp, type FROM AY_users 
        WHERE login='" .$_POST['login']. "'"; 
// exécution de la requête
$reponse = $bdd->query($requete);
ScaisEdge
  • 131,976
  • 10
  • 91
  • 107