0

so I have been getting this error quite a bit in my error.log and cannot figure out how to fix it. I have tried searching similar questions like this on Stack Overflow but have not had any success. Some help would be much appreciated!

The line marked is where the error is showing:

if(isset($_GET['id']) && !empty($_GET['id'])){
    //If statement content here...
    } elseif(isset($_GET['category']) && !empty($_GET['category'])) {
        $_GET['category'] = $database->escape_string(filter_var($_GET['category'], FILTER_SANITIZE_STRING));

        // This line:
        $category_title = $database->query("SELECT `name` FROM `categories` WHERE `slug` = '{$_GET['category']}'")->fetch_object()->name;

        $pageTitle = 'something';
        $description = 'something';
        $keywords = $category_title;
        $indexTitle = $category_title;
    }
Isaac Bennetch
  • 11,830
  • 2
  • 32
  • 43
Luz1fer
  • 19
  • 7
  • The error is describing exactly what is wrong. You need to check to the left of `->` before blindly invoking method or accessing a property. i.e. is $database what you think? Is the return value of `fetch_object()` what you expect? Can recreate like: `$a = ''; echo $a->foo;` – ficuscr May 30 '18 at 21:58
  • 1
    Possible duplicate of [Reference - What does this error mean in PHP?](https://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php) – ficuscr May 30 '18 at 22:00
  • **WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use manual escaping and string interpolation or concatenation to accomplish this because you will create severe [SQL injection bugs](http://bobby-tables.com/). Accidentally unescaped data is a serious risk. Using bound parameters is less verbose and easier to review to check you’re doing it properly. – tadman May 30 '18 at 22:19
  • 1
    Since it's not complaining about you calling `fetch_object()` on a boolean, this error means everything is working fine but someone (or something) supplied a category that doesn't exist and your query returns 0 results. Therefore `fetch_object()` returns `null` instead of an object with a `name` property. You need to split it up: first get the return value of `fetch_object()`, check if it's `null` and act accordingly or fetch its `name` property if it's the object you expect it to be. – rickdenhaan May 30 '18 at 22:27
  • Thanks for the responses. Anyone else have an idea on how to fix it? Thanks – Luz1fer Jul 17 '18 at 14:15

0 Answers0