Why am I getting a "trying to get a property of a non-object" error in PHP?

Question

I'm working on a form where you can update a student's information in the database.

I've been getting this error:

Notice: Trying to get property of non-object in [...]/EditPersonalInfo.php on line 54.

I know this is a common error asked about on here but none of the solutions I found so far have fixed the issue in my case.

Here is my code:

// At the top of the page I also made sure to require_once my server.php file, so the database does connect

<?php 
        if (isset($_POST['update_personal'])) {

            $phone = trim($_POST['phoneNumber']);       
            $address = trim($_POST['address']); 
            $id = $_SESSION['id'];

            // The three variables above work when echoed.

            $query = "UPDATE StudentInfo SET PhoneNumber = $phone , Address = '$address' WHERE Student_ID = $id";

            // The above looks fine when echoed

            // The problem starts here
            $result = $conn->query($query);

            // Line 54
            if($result->num_rows == 1) {        

               // This was an attempt to set session variables when things didn't work. Nothing
               // in the database has changed though.
               while ($row = $result->fetch_assoc()){
                    $_SESSION['address'] = $row['Address'];
                    $_SESSION['phone'] = $row['PhoneNumber'];
                    }
            }

        }
    ?>

This same approached worked earlier when I was setting session variables:

// When user submits login info.
    if (isset($_POST['login_user']))
    {
        // Get info from forms and trim white space, then save as variables.
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);

        // If no errors.
        if (count($errors) == 0) {

            // Select user info from server. 
            $query = "SELECT * FROM StudentInfo WHERE Username='$username' AND Password='$password'";

            $result = $conn->query($query);

            if($result->num_rows == 1) 
            {
            // Load user from server, send to home page

                while ($row = $result->fetch_assoc()){
                    $_SESSION['id'] = $row['Student_ID'];
                    $_SESSION['fname'] = $row['FirstName'];
                    $_SESSION['lname'] = $row['LastName'];
                    $_SESSION['dob'] = $row['DateOfBirth'];
                    $_SESSION['address'] = $row['Address'];
                    $_SESSION['email'] = $row['EmailAddress'];
                    $_SESSION['due'] = $row['AmountDue'];
                    $_SESSION['phone'] = $row['PhoneNumber'];
                    $_SESSION['emergency'] = $row['EmergencyContact_ID'];
                    $_SESSION['coursesid'] = $row['CourseList_ID'];
                    $_SESSION['res'] = $row['Residency_ID'];
                    $_SESSION['user'] = $row['Username'];
                    $_SESSION['pass'] = $row['Password'];

                }

            header('location: home/home.php');
            }
        }
    }

Any help would be much appreciated.

Sorry yes, line 54 is this one in the first code block: if($result->num_rows == 1) { — Brandon White, Mar 04 '20 at 19:19
Your query failed, so `$result` is false. You'll need to check for [mysqli errors](http://php.net/manual/en/mysqli.error.php) to find out why. — aynber, Mar 04 '20 at 19:20
You are wide open for SQL injection. Since you're using mysqli, take advantage of [prepared statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [bind_param](http://php.net/manual/en/mysqli-stmt.bind-param.php). **This will take care of any pesky quoting issues that may occur.** — aynber, Mar 04 '20 at 19:21
I got this error here: Warning: mysqli_error() expects parameter 1 to be mysqli, boolean given in [...]/EditPersonalInfo.php on line 63 Error message: (No error message?) When I inserted this line at the end of my PHP: printf("Error message: %s\n", mysqli_error($result)); I'll read up on the prepared statements and bind_param as well, thanks — Brandon White, Mar 04 '20 at 19:25
@gre_gor I just tried with and without quotes, but nothing changed — Brandon White, Mar 04 '20 at 19:27
As you were already told, your query failed and `$result` is false. Try `echo $conn->error;` — gre_gor, Mar 04 '20 at 19:33
This should probably be closed as a dup to [mysqli_fetch_assoc() expects parameter / Call to a member function bind_param() errors. How to get the actual mysql error and fix it?](https://stackoverflow.com/q/22662488/794749) — gre_gor, Mar 04 '20 at 19:33
Alright, I'm reading up on the prepared statements, bind_param, SQL injection, and that similar question, thanks everyone. I'm pretty new to this still (< 20 hours working with PHP/SQL), so as I understand the issue now, the problem is that I haven't set myself up safely which is causing a ton of issues down the road — Brandon White, Mar 04 '20 at 19:45

score -1 · Answer 1 · answered Mar 04 '20 at 20:23

-1

the problem is with $result->num_rows use rowCount

so correct code will be

    if($result->rowCount() == 1)

answered Mar 04 '20 at 20:23

Ronak Dhoot

2,322
1
12
19

2

`rowCount` is PDO, `num_rows` is mysqli. The OP is using mysqli – aynber Mar 05 '20 at 13:37

Why am I getting a "trying to get a property of a non-object" error in PHP?

1 Answers1