Prepared statements: fatal error: Call to a member function bind_param() on a non-object

Question

Im using mysqli prepared statements and i have this error

fatal error: Call to a member function bind_param() on a non-object

MY code is

    <?php
function register_user(){

//Javascripts
?>
<script type='text/javascript'>
        function alldone() {
        $().toastmessage('showToast', {
            text     : 'You have been registered, please confirm your account',
            sticky   : true,
            position : 'middle-center',
            type     : 'error',
            closeText: '',
            close    : function () {
                console.log("toast is closed ...");
            }
        });

    }


        function regdoneconfail() {
       $().toastmessage('showToast', {
            text     : 'You have been registered, but could not be added to the database for confirmation. Please contact an admin',
            sticky   : true,
            position : 'middle-center',
            type     : 'error',
            closeText: '',
            close    : function () {
                console.log("toast is closed ...");
            }
        });

    }

                function confsendfail() {
        $().toastmessage('showToast', {
            text     : 'The confirmation mail could not be sent, please contact an admin to confirm your account',
            sticky   : true,
            position : 'middle-center',
            type     : 'error',
            closeText: '',
            close    : function () {
                console.log("toast is closed ...");
            }
        });

    }

                        function noreg() {
        $().toastmessage('showToast', {
            text     : 'Your account could not be registered. Please contact an admin',
            sticky   : true,
            position : 'middle-center',
            type     : 'error',
            closeText: '',
            close    : function () {
                console.log("toast is closed ...");
            }
        });

    }


</script>

<?php
//no scripts
$noreg = 'Your account could not be registered. Please contact an admin';
$confsendfail = 'The confirmation mail could not be sent, please contact an admin to confirm your account';
$regdoneconfail = 'You have been registered, but could not be added to the database for confirmation. Please contact an admin';
$alldone = 'You have been registered, please confirm your account';
//Including the mysqli connect file
include 'includes/mysqli_connect_new.php';
//Loading up the security library
set_include_path(get_include_path().PATH_SEPARATOR."includes/secure/src");
spl_autoload_register('spl_autoload');
//Fireup the blowfish algorithm
$gen = new org\codeangel\security\passwords\DefaultPasswordGenerator;

//Setting error array
$action = array();  
$action['result'] = null;  
$text = array();  

//Defining variables for ease of use
$name = mysqli_real_escape_string($friend_zone, $_POST['name']);
$username = mysqli_real_escape_string($friend_zone, $_POST['username']);
$password = mysqli_real_escape_string($friend_zone, $_POST['password']);
$repeatpassword = mysqli_real_escape_string($friend_zone,$_POST['repeatpassword']);
$email = mysqli_real_escape_string($friend_zone, $_POST['email']);
$security_question = 'wgat';
$security_answer = 'what';
$captcha = mysqli_real_escape_string($friend_zone, $_POST['captcha']);
$date = date("Y-m-d");
$user_level = 0;
$user_pattern = '/[^A-Za-z0-9]/';
$name_pattern = '/[^A-Za-z0-9 ]/';

//Check to see if empty
if(empty($name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in your name</div><br>'); }
if(empty($username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please tpye in a username of your choice</div><br>'); }
if(empty($email)){ $action['result'] = 'error'; array_push($text,'<div id="errors">you have to type in your email dude, its necessary!</div><br>'); }
if(empty($password)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in a password</div><br>'); }
if(empty($repeatpassword)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please repeat the password</div><br>'); }
if(empty($captcha)) { $action['result'] = 'error'; array_push($text,'<div id="errors">You need to type in the captcha answer</div><br>'); }


//Checking for invalid characters
if(!empty($username)){ if(preg_match($user_pattern, $username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Username contains invalid letters</div><br>'); } }
if(!empty($name)){ if(preg_match($name_pattern, $name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Name has invalid letters</div><br>'); } }

//Checking if the entered passwords are matching
if(!empty($password) && $repeatpassword){ if($password != $repeatpassword){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords do not match</div><br>'); } }

//checks length
if(!empty($username)){ if(strlen($username) < 6){ $action['result'] = 'error'; array_push($text,'<div id="errors">Username has to be more than 6 letters</div><br>'); } }
if(!empty($name)){ if(strlen($name) < 5){ $action['result'] = 'error'; array_push($text,'<div id="errors">Name has more than 5 letters</div><br>'); } }
if(!empty($password) && $repeatpassword){ if(strlen($password) < 7){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords needs to have more than 7 letters</div><br>'); } }


//Checks if email and username is taken or not!
//username
if(!empty($username)){
$username_check = $friend_zone->prepare("SELECT username FROM users WHERE username = ?");
$username_check->bind_param("s", $username);
$username_check->execute();
$username_check->store_result();
$username_rows = $username_check->num_rows;

if($username_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">Sorry, the username is already taken.</div><br>'); } }

//email
if(!empty($email)){
$email_check = $friend_zone->prepare("SELECT email FROM users WHERE email = ?");
$email_check->bind_param("s", $email);
$email_check->execute();
$email_check->store_result();
$email_rows = $email_check->num_rows;

if($email_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">The emain address is in use, Click <a href="forgot_password.php">here</a> if you forgot your password</div><br>'); } }

//Checking the captcha?
if(!empty($captcha)){
if($captcha != 'Marshall'){  $action['result'] = 'error'; array_push($text,'<div id="errors">The captcha answer you typed in is wrong!</div><br>'); } }



if($action['result'] != 'error'){

//encrypting using Cyth security library
$password = $gen->genPassword($password);


//$add = "INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES ('$name', '$username', '$password', '$email', '', '$date', '$user_level', '')";
//$result = mysqli_query($link, $add);
$register = $friend_zone->prepare("INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES(?, ?, ?, ?, ?, ?, ?, ?)");
$register->bind_param('sssssiis', $name, $username, $password, $email, $security_answer, $date, $user_level, $security_question);


if($register->execute()){

//Time to prepare a random key and add it to confirmation table ;P
$key = $username . $email . $date;
$key = sha1($key);

$user_info = $friend_zone->prepare("SELECT username, email FROM users WHERE username = ?");
$user_info->bind_param("s", $username);
$user_info->execute();
$user_info->bind_result($check_id, $check_email);


while($user_info->fetch()){

$user_id = $check_id;
$user_email = $check_email;

$confirm_add = $friend_zone->prepare("INSERT into CONFIRM(user_id, username, key) VALUES(?, ?, ?)");
$confirm_add->bind_param('iss', $user_id, $username, $key);

if($confirm_add->execute())
{
echo "Possibly awesome";
//Send the mail

$to      = $user_email;
// subject
$subject = 'FreeFX Account Confirmation';

// message
$message ="
<html>
<head>
 <title>Account confirmation</title>
</head>
<body>
<p>Hello $username, you need to confirm your account before you can start using the entire features of our website.<br>
<a href='www.likeageek.net/confirm.php?username=$username&key_code=$key'>CLICK HERE</a>to confirm your account</p>
<br>
<center>OR</center>
<a href='www.likeageek.net/confirm.php'>Click here</a> and enter the following details in<br>
<table>
Username : $username
<br>
Key : $key
<br>
</table>
</body>
</html>
";

// To send HTML mail, the Content-type header must be set
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

// Additional headers
$headers .= 'To: $user_email; <$user_email;>' . "\r\n";
$headers .= 'From: FreeFX Dudes <noreply@freefx.net>' . "\r\n";

if (mail($to, $subject, $message, $headers)) {
  echo "<script type='text/javascript'> alldone() </script> <noscript> $alldone </noscript>";
} else { echo "<script type='text/javascript'> confsendfail() </script> <noscript> $confsendfail </noscript>"; }

} else { echo "<script type='text/javascript'> regdoneconfail() </script> <noscript> $regdoneconfail </noscript>"; }

}

} else { echo "<script type='text/javascript'> noreg() </script> <noscript> $noreg </noscript>"; }
} else {


?>
 <script type='text/javascript'>
        function showstickyerror() {
        $().toastmessage('showToast', {
            text     : '<?php echo implode($text); ?>',
            sticky   : true,
            position : 'middle-center',
            type     : 'error',
            closeText: '',
            close    : function () {
                console.log("toast is closed ...");
            }
        });

    }

        showstickyerror();
</script>
<noscript>
<?php echo "<div class='wrapbg'>
<span class='corners-top'><span></span></span>
<div id='content'><br/>
Errors
<hr class='hr1'>
".implode($text)."
</div>
<span class='corners-bottom'><span></span></span>
</div>
";
?>
</noscript>
<?php
}

 }

$confirmadd is what im having problems with, i dont know why this is happening. I did many queries like so before and they all work without a single error.

the table name is confirm, in lower case, i corrected it in the query and still it throws an error — Marshall Mathews, Mar 17 '12 at 06:57
It's most likely the case that your previous `prepare` method returned false. Have you confirmed that `$confirm_add` is indeed an object? — Josh, Mar 17 '12 at 07:01
Separate your table name, `confirm` from the parentheses with a *space*, like so `INSERT INTO \`CONFIRM\` (...`. MySQL is probably treating it as a function and throwing an error. Although you should be able to output the previous error using `$mysqli->error`. — Josh, Mar 17 '12 at 07:31
possible duplicate of [Reference - What does this error mean in PHP?](http://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php) — Ja͢ck, Apr 22 '14 at 02:35

score 0 · Answer 1 · answered Mar 17 '12 at 07:55

0

First, you should wrap your prepare statements in some error handling so you can see what's going on and what errors MySQL is showing. MySQL errors are usually fairly informative and tell you where in the query it is failing (which usually helps to spot the problem).

In this case I'm fairly sure it's the "key" column that is causing the problem. "key" is a reserved word in MySQL meaning if you use it as a column name you need to wrap it in backticks

INSERT into CONFIRM (user_id, username, `key`) VALUES(?, ?, ?)

But in cases like this you should consider renaming the column as well.

answered Mar 17 '12 at 07:55

liquorvicar

6,081
1
16
21

i renamed key to activation_key Still same error :\, even when i try to echo the error it just throws some notification and no error – Marshall Mathews Mar 17 '12 at 08:04
@MarshallMathews Have you tried manually running a sample query with some real values against a test version of your schema? – liquorvicar Mar 17 '12 at 08:18
ok i got a commands out of sync. I did st0re_result on user_info query and its still not fixed – Marshall Mathews Mar 17 '12 at 08:40

Prepared statements: fatal error: Call to a member function bind_param() on a non-object

1 Answers1