Member Avatar for janicemurby

hi can someone check this section up for me as im getting a error from it after converting to mysqli
Fatal error: Call to a member function query() on a non-object in /home/matureco/public_html/config/db_connect.php on line 67

// find total message per user
if(! function_exists(unReadMsgCount) ) 
{
    function unReadMsgCount($id)
    {
        return $conn->query("select * from messages where rece_id='".$id."' and readflage = 0 and status=1")->num_rows;
    }
}

ty jan x

  • 4 Contributors
  • 4 Replies
  • 228 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by diafol
Member Avatar for pritaeas

Where is $conn instantiated?

Member Avatar for janicemurby

from here hun

<?php
session_start();
include("config_global.php");

$conn       = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME) or die($mysqli->error);

$row            = $conn->query("select * from settings where id = '1' ")->fetch_array();
$site_name  = trim(stripslashes($row['site_name']));
$email      = trim($row['email']);
$keyword    = trim(stripslashes($row['keyword']));
$description= trim(stripslashes($row['description']));
$logo       = trim($row['logo']);
$copyright  = trim(stripslashes($row['copyright']));

$favicon    = trim($row['favicon']);
$paypal_email   = trim($row['paypal_email']);
Member Avatar for Taywin

Syntax for mysqli_query().

PS: Again, it seems that you don't listen to someone's suggestion about SQL injection. You don't prepare query but rather directly use it in database query...

Edited by Taywin
Member Avatar for diafol

Yes, I think we've been here before. SQL Injection, trimming post-select instead of pre-insert.
Also use a 'LIMIT 1' clause in the SQL to stop MySQL from searching the rest of the table once it has found a hit.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.