Call to a member function prepare() on a non-object

Question

Mohamed_26 0 Junior Poster

10 Years Ago

Hello, I am getting an error

<?Php

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];

    $query_insertintotable = "INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) 
                        VALUES ('$userName','$password','$firstname','$userName', '$gender', '$dob', '$email)"; 


    $query = $dbhandle->prepare( $query_insertintotable );
    $query->execute();




?>

Am I doing anything wrong?

Thanks

php

5 Contributors
52 Replies
2K Views
3 Days Discussion Span
Latest Post 10 Years Ago Latest Post by Mohamed_26

hericles 289 Master Poster

10 Years Ago

Your $dbhandle object doesn't exist. Is it being declared in the connect.php and are you referring to it by the correct variable name?

diafol

10 Years Ago

In addition, why are you bothering with PDO or mysqli if you're not binding parameters? You may as well use mysql_* functions and have a big sign saying "inject me".

Show your connect.php code and read up on bind parameters

diafol

10 Years Ago

Try this...

$query = "INSERT INTO User (`username`) VALUES (:userName)"; 
$stmt = $conn->prepare($query);

try {
    $stmt->execute(array(":userName" => $userName));
} catch(PDOException $err) {
    echo "Houston we have a problem: $err";
}

Then if it works, build it up, one field at a time.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Mohamed_26 0 Junior Poster · Answer 1 · 2014-07-31T12:28:19+00:00

Oh Thanksss...I sorted the error out..

The other thing is. I am working on the Registration and is there anything else I need to do in the above lines of code because for some reason it is not inserting into the MySQL tables

diafol · Answer 2 · 2014-07-31T13:08:25+00:00

Your SQL is mashed to buggery:

"INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) VALUES ('$userName','$password','$firstname','$userName', '$gender', '$dob', '$email)";

Enclose fieldnames within backticks - this is essential for reserved names and names with spaces, like your First Name and Email Address

You're also missing a closing ' for $email

What editor/IDE are you using? It should flag up these issues.

Mohamed_26 0 Junior Poster · Answer 3 · 2014-07-31T13:14:41+00:00

<?php
    $host = 'localhost';
    $dbname = 'classicmodels';
    $username = 'root';
    $password = '';
    ?>

    <?php
    $host = '';
    $dbname = '';
    $username = '';
    $password = '';

try {
    $conn = new PDO('mysql:host='.$host.';dbname'.$dbname,$username,$password);
    echo "ITS WORKING!!";
} catch (PDOException $pe) {
    die("Could not connect to the database $dbname :" . $pe->getMessage());
}

?>

diafol · Answer 4 · 2014-07-31T13:44:35+00:00

What's this for?

<?php
$host = '';
$dbname = '';
$username = '';
$password = '';

Why are you getting rid of your credentials before passing them to the object?

Also your parameters are all mashed as well -

'mysql:host='.$host.';dbname'.$dbname,$username,$password

Where's the '=' after dbname?

Please check your syntax. Use a suitable IDE.

Mohamed_26 0 Junior Poster · Answer 5 · 2014-07-31T13:50:41+00:00

Noo...I had to remove the credentials before I had to post them

diafol · Answer 6 · 2014-07-31T16:51:25+00:00

You're not providing us with much information here. We're having to work hard to worm this out of you. You don't mention if you're getting "it's working" or not. Is the second block of parameter (the blank set) still in your code?

For a better idea of how to ask questions, see this post: http://bit.ly/Dwebphp

Sorry, but I'm finding this thread too frustrating. Good luck with it.

Mohamed_26 0 Junior Poster · Answer 7 · 2014-07-31T17:29:24+00:00

I dont really understand whats going on here anymore. I am sorry if I have annoyed you and its workinggg.

Thanks for your help

diafol · Answer 8 · 2014-07-31T17:37:58+00:00

Sorry Mohamed, not annoyed, just short of time. Anybody else able to help here?

Mohamed_26 0 Junior Poster · Answer 9 · 2014-07-31T18:42:21+00:00

Thank you for your patience and helping me. I know your time is very valuable so thank you for giving up your time to help me. You have helped me so many times before. So thank you for everything.

I just have question. what does bindparam do? I have searched it up but I am still not clear on the function of it. The other thing is the registration.php is not producing errors anymore, but I dont know why the details are not being entered into the database.

below is the Registration.html

<html>
<head>
<title> Registration </title>
</body>
<form name = "registration form" method = "post" action="registration.php">
Username:<input type="text" name="name" value=""> </br>
Password:<input type="text" name="Password" value=""> </br>
First Name:<input type="text" name="First Name" value=""> </br>
Surname:<input type="text" name="Surname" value=""> </br>
Gender:<input type="text" name="Gender" value=""> </br>
DOB:<input type="text" name="DOB" value=""> </br>
Email Address:<input type="text" name="Email Address" value=""> </br>

<input type="submit" name="submit" value="submit">
</form>
</body>
</head>
</html>

Below is the Registration.php

<?Php

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];

    $query_insertintotable = "INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) 
                        VALUES ('$userName','$password','$firstname','$userName', '$gender', '$dob', '$email)"; 
    echo $query_insertintotable;


    $query = $conn->prepare( $query_insertintotable );
    $query->execute();




?>http://www.daniweb.com/web-development/php/threads/482620/call-to-a-member-function-prepare-on-a-non-object-#

Am I not doing something correctly? I am not sure why the details are not being entered into the MySQL tables

veedeoo 474 Junior Poster Featured Poster · Answer 10 · 2014-07-31T21:55:00+00:00

Prepared statements with parameters work like this.

Methods used : prepare() and execute()

PDO is class. An instance of this class is called an object and the functions associated with this object are called methods.

For our purpose above (shown on your codes), we need these methods called prepare and execute. Now, PDO allows us to prepare and compile our query with placeholders. Placeholders are like markers for the expected values from the users. When the execute method is called, it sends the arguments and runs the compiled statements sent earlier.

So, there are two things going on here in the background.

First, this will be send to the server and later on will be compiled

 $query_insertintotable = $con->prepare("INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address)

VALUES (:userName, :password,  :firstname, :Surname, :gender, :dob, :email)");

These are placeholders for anticipated incomming values from the user

 VALUES (:userName, :password,  :firstname, :Surname, :gender, :dob, :email)");

TYPE 2 : alternatively, we can also do this

VALUES ( ? , ? ,  ? , ? , ? , ? , ? )";

Those are two options in setting-up the placeholder for binding. For now, let us stick to the first one to avoid any confusion.That is the beauty of PDO. It allows us to send query and temporarily compile with the placeholders.

The second part of the process is to send arguments by way of the method execute.

For the first example, we can do it like this

$query_insertintotable = $con->prepare("INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address)

VALUES (:userName, :password,  :firstname, :Surname, :gender, :dob, :email)");

## in OOP we always use try{} if we are anticipating probable errors, or we just want to catch those errors for better debugging of the script.

try {

$query_insertintotable->execute(array(

    "userName" => $userName,
    "password" => $password,
    "firstname" =>$firstname,
    "Surname" => $Surname,
    "gender" => $gender,
    "dob" => $dob,
    "email" => $email
));

} catch(PDOException $err) {
    echo "Houston we have a problem: $err";
}

For the method 2 or Type 2 of doing things, we can do it with less codes

try {

$query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob,$email
));

} catch(PDOException $err) {
    echo "Houston we have a problem: $err";
}

That's pretty much it. I hope this help you in understanding this subject.

Remember prepare() goes out first to the server with the anticipation that those placeholders will be filled once the execute() method is called. This makes PDO a lot safer against the aged, neglected, and deprecated mysql_*.

Mohamed_26 0 Junior Poster · Answer 11 · 2014-07-31T22:38:30+00:00

I read it soo manyyy timee and I understand it soo muchh better..THANK YOU!!!

Mohamed_26 0 Junior Poster · Answer 12 · 2014-07-31T22:38:39+00:00

Mohamed_26 0 Junior Poster

10 Years Ago

times**

Mohamed_26 0 Junior Poster · Answer 13 · 2014-08-01T13:09:09+00:00

I am having a bit of a problem. This is the code I have atm

<?Php

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];


    $query_insertintotable = "INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) 
                        VALUES (':userName',':password',':firstname',':Surname', ':gender', ':dob', ':email')"; 
    echo $query_insertintotable;


    $query_insertintotable = $conn->prepare($query_insertintotable);

    try {
    $query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob ,$email));
} catch(PDOException $err) {
    echo "Houston we have a problem: $err";

    }

  var_dump(array);


?>

I dont know why nothing is being inserted into the database. AM I not excuting the query properly.

Mohamed_26 0 Junior Poster · Answer 14 · 2014-08-01T13:11:48+00:00

Mohamed_26 0 Junior Poster

10 Years Ago

Please ignore the var_dump(array)

veedeoo 474 Junior Poster Featured Poster · Answer 15 · 2014-08-01T19:55:07+00:00

you are not supposed to wrap the placeholders with single quotes. So, this

 VALUES (':userName',':password',':firstname',':Surname', ':gender', ':dob', ':email')";

should be like this

VALUES (:userName, :password, :firstname, :Surname, :gender, :dob, :email)");

and this

 $query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob ,$email));

should be like this

$query_insertintotable->execute(array(
"userName" => $userName,
"password" => $password,
"firstname" =>$firstname,
"Surname" => $Surname,
"gender" => $gender,
"dob" => $dob,
"email" => $email
));

we only use this

$query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob ,$email));

if our placeholders are like these

    VALUES ( ? , ? , ? , ? , ? , ? , ? );

veedeoo 474 Junior Poster Featured Poster · Answer 16 · 2014-08-01T21:20:52+00:00

Let us know when you got it working, so that I can teach you how to use these

     PDO::PARAM_INT
     PDO::PARAM_BOO
     PDO::PARAM_NULL
     PDO::PARAM_STR

that's for late though..

diafol · Answer 17 · 2014-08-02T08:32:12+00:00

$query_insertintotable->execute(array(
"userName" => $userName,
"password" => $password,
"firstname" =>$firstname,
"Surname" => $Surname,
"gender" => $gender,
"dob" => $dob,
"email" => $email
));

Don't the keys need the colon in front of them?

$query_insertintotable->execute(array(
":userName" => $userName,
":password" => $password,
":firstname" =>$firstname,
":Surname" => $Surname,
":gender" => $gender,
":dob" => $dob,
":email" => $email
));

peterscot423 0 Newbie Poster · Answer 18 · 2014-08-02T08:54:25+00:00

Hi, your sql code for the insert table is correct. But you have any problem during insertion or fetching the data from the table. You can check the corect the database table name which you are selected.
"INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) VALUES ('$userName','$password','$firstname','$userName', '$gender', '$dob', '$email)";

diafol · Answer 19 · 2014-08-02T08:57:07+00:00

Please ignore ^^ We are beyond that, we are now using prepared statements in 2014. Suggestion to peter - read all posts before making a contribution to a thread.

Mohamed_26 0 Junior Poster · Answer 20 · 2014-08-02T09:27:16+00:00

Mohamed_26 0 Junior Poster

10 Years Ago

Thanks for the warning

Mohamed_26 0 Junior Poster · Answer 21 · 2014-08-02T10:43:50+00:00

I keep getting this error Unexpected T_ARRAY_CAST

<?Php

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];


    $query_insertintotable = "INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address) 
                        VALUES (:userName,:password,:firstname,:Surname, :gender, :dob, :email)"; 
    echo $query_insertintotable;


    $query_insertintotable = $conn->prepare($query_insertintotable);

    try {
    $query_insertintotable->execute(array(
        ":userName" => $userName,
        ":password" => $password,
        ":firstname" =>$firstname,
        ":Surname" => $Surname,
        ":gender" => $gender,
        ":dob" => $dob,
        ":email" => $email
     ));
} catch(PDOException $err) {
    echo "Houston we have a problem: $err";

    }

and its pointing to this line ":dob" => $dob,

diafol · Answer 22 · 2014-08-02T11:59:21+00:00

Why have you reused $query_insertintotable ?

Try this:

$query = "INSERT INTO User (username,Password,`First Name`,Surname, Gender, DOB, `Email Address` VALUES (:userName,:password,:firstname,:Surname, :gender, :dob, :email)"; 
//echo $query;
$stmt = $conn->prepare($query);
try {
$stmt->execute(array(
    ":userName" => $userName,
    ":password" => $password,
    ":firstname" =>$firstname,
    ":Surname" => $Surname,
    ":gender" => $gender,
    ":dob" => $dob,
    ":email" => $email
 ));

You still hadn't enclosed some fields in backticks, even though you'd been warned about this. Using long variable names has its uses, but perhaps not so useful in this context - you should make them meaningful.

$query_insertintotable suggests an SQL string to me not a PDOStatement object. Hope that's useful.

Mohamed_26 0 Junior Poster · Answer 23 · 2014-08-02T12:44:56+00:00

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];


    $query = "INSERT INTO User (`username`,`Password`,`First Name`,`Surname`, `Gender`, `DOB`, `Email Address`) 
VALUES (:userName,:password,:firstname,:Surname,:gender, :dob, :email)"; 

    $stmt = $conn->prepare($query_insertintotable);

    try {
    $stmt->execute(array(
        ":userName" => $userName,
        ":password" => $password,
        ":firstname" =>$firstname,
        ":Surname" => $Surname,
        ":gender" => $gender,
        ":dob" => $dob,
        ":email" => $email
     ));
} catch(PDOException $err) {
    echo "Houston we have a problem: $err";

    }



?>

This is my code now and I am still getting the same error message..Am I missing something?

diafol · Answer 24 · 2014-08-02T13:17:09+00:00

Yes

$stmt = $conn->prepare($query_insertintotable);

$query_insertintotable doesn't exist it's $query

Make sure $conn is the right name too.

Mohamed_26 0 Junior Poster · Answer 25 · 2014-08-02T14:03:35+00:00

The error still exists

<?Php

include 'connect.php';


    $userName = $_POST['Username']; 
    $firstname = $_POST['First Name']; 
    $Surname = $_Post['Surname'];
    $email = $_POST['Email Address']; 
    $password = $_POST['Password']; 
    $gender = $_POST['Gender']; 
    $dob = $_POST['DOB'];


    $query = "INSERT INTO User (`username`,`Password`,`First Name`,`Surname`, `Gender`, `DOB`, `Email Address`) 
                        VALUES (:userName,:password,:firstname,:Surname, :gender, :dob, :email)"; 

    $stmt = $conn->prepare($query);
    try {
    $stmt->execute(array(
        ":userName" => $userName,
        ":password" => $password,
        ":firstname" =>$firstname,
        ":Surname" => $Surname,
        ":gender" => $gender,
        ":dob" => $dob,
        ":email" => $email));
} catch(PDOException $err) {
    echo "Houston we have a problem: $err";

    }

I checked against the PHP manual. It should have worked.

http://php.net/manual/en/pdostatement.execute.php

Mohamed_26 0 Junior Poster · Answer 26 · 2014-08-02T16:12:09+00:00

I am not getting that error anymore but I dont think the values are being passed

$stmt->execute(array(
        ":userName" => $userName,
        ":password" => $password,
        ":firstname" =>$firstname,
        ":Surname" => $Surname,
        ":gender" => $gender,
        ":dob" => $dob,
        ":email" => $email
     ));

I know this because I added a debug code var_dump(array()); and it just displays this array(0) { }. When I added this code var_dump($_POST);. This is the reuslt I got

array(8) { ["name"]=> string(6) "mfredy" ["Password"]=> string(10) "Pulavan123" ["First_Name"]=> string(7) "Fareedh" ["Surname"]=> string(7) "Fareedh" ["Gender"]=> string(1) "M" ["DOB"]=> string(10) "23-10-1992" ["Email_Address"]=> string(23) "fareedh92@hotmail.co.uk" ["submit"]=> string(6) "submit" }