views:

208

answers:

2

Hey, so I have created a function to check the DB for unique entries, but when I call the function it doesn't seem to work and gives me a fatal error any ideas ? Thanks :)

 //Check for unique entries
    function checkUnique($table, $field, $compared)
    {
        $query = $mysqli->query('SELECT  '.$mysqli->real_escape_string($field).' FROM '.$mysqli->real_escape_string($table).' WHERE "'.$mysqli->real_escape_string($field).'" = "'.$mysqli->real_escape_string($compared).'"');
        if(!$query){ 
            return TRUE; 
        }   
        else {
            return FALSE;
        }
    }

The page calling it.....

    //Start session
session_start();

//Check if the session is already set, if so re-direct to the game
if(isset($_SESSION['id'], $_SESSION['logged_in'])){
    Header('Location: ../main/index.php');
};

//Require database connection
require_once('../global/includes/db.php');
require_once('../global/functions/functions.php');

//Check if the form has been submitted
if (isset($_POST['signup'])){
    //Validate input
    if (!empty($_POST['username']) && !empty($_POST['password']) && $_POST['password']==$_POST['password_confirm'] && !empty($_POST['email']) && validateEmail($_POST['email']) == TRUE && checkUnique('users', 'email', $_POST['email']) == TRUE && checkUnique('users', 'username', $_POST['username']) == TRUE)
    {
        //Insert user to the database
        $insert_user = $mysqli->query('INSERT INTO (`username, `password`, `email`, `verification_key`) VALUES ("'.$mysqli->real_escape_string($_POST['username']).'", "'.$mysqli-real_escape_string(md5($_POST['password'])).'", "'.$mysqli->real_escape_string($_POST['email']).'", "'.randomString('alnum', 32). '"') or die($mysqli->error());

        //Get user information
        $getUser = $mysqli->query('SELECT id, username, email, verification_key FROM users WHERE username = "'.$mysqli->real_escape_string($_POST['username']).'"' or die($mysqli->error()));

        //Check if the $getUser returns true
        if ($getUser->num_rows == 1)
        {
            //Fetch associated fields to this user
            $row = $getUser->fetch_assoc();

            //Set mail() variables
            $headers = 'From: [email protected]'."\r\n".
                      'Reply-To: [email protected]'."\r\n".
                      'X-Mailer:  PHP/'.phpversion();
            $subject = 'Activate your account (Music Battles.net)';
            //Set verification email message
            $message = 'Dear '.$row['username'].', I would like to welcome you to Music Battles. Although in order to enjoy the gmae you must first activate your account. \n\n Click the following link: http://www.musicbattles.net/home/confirm.php?id='.$row['id'].'key='.$row['verification_key'].'\n Thanks for signing up, enjoy the game! \n Music Battles Team';

            //Attempts to send the email
            if (mail($row['email'], $subject, $message, $headers))
            {
                $msg = '<p class="success">Accound has been created, please go activate it from your email.</p>';
            }
            else {
                $error = '<p class="error">The account was created but your email was not sent.</p>';
            }
        }
            else {
                $error = '<p class="error">Your account was not created.</p>';
            }
        }
            else {
                $error = '<p class="error">One or more fields contain non or invalid data.</p>';
            }
        }

Erorr....

Fatal error: Call to a member function query() on a non-object in /home/mbattles/public_html/global/functions/functions.php on line 5
+1  A: 

$mysqli is not defined inside your function as functions have their own variable scope. Either pass that variable to your function as a parameter:

function checkUnique($mysqli, $table, $field, $compared) {
    // …
}

Or use the global keyword or $GLOBAL variable to access that variable of the global scope inside your function:

function checkUnique($table, $field, $compared) {
    global $mysqli;     // registers the global variable $mysqli locally
    $GLOBALS['mysqli']; // OR access the global variable via $GLOBALS['mysqli']
    // …
}
Gumbo
Why don't you just access the variable as `$mysqli` instead of `$GLOBALS['mysqli']` (after declaring it `global` on the first line of the function)?
brianreavis
@brianreavis: This is just an example that shows both variants.
Gumbo
Oh no worries! I was just genuinely curious... that's all.
brianreavis
A: 

$mysqli inside your function is not the same $mysqli that is outside the function. You either have to make $mysqli global, or instantiate another db connection.

dnagirl