views:

48

answers:

3

Can anyone instruct me on the proper way to use the MySQLi extension in PHP? I have always used procedural MySQL functions before and want to make the change but am finding the examples on PHP.net and other sites way too complicated. There seems to be multiple methods to do the same thing. I want to use it in the following method:

function checkCredentials($username, $password)
{
    $q = $db->prepare("SELECT id FROM `users` WHERE username=? AND password=? LIMIT 1");
    $q->bind_param('ss', $username, $password);
    $q->execute();
}

That's as far as I've got going by the PHP.net examples but I get this error:

Fatal error: Call to a member function prepare() on a non-object in C:\xampp\htdocs\classes\user.class.php on line 14

(the $db variable is a handle in my user class and that works fine)

It just seems the documentation is far too complicated for someone who's never used the entention before and for someone who's moderately new to classes and OOP.

Does anyone have links to pages explaining how to connect/prepare statements/execute queries and everything or can put it down in an answer?

Thank you.

+1  A: 

$db is not declared global. Place global $db in the function:

function checkCredentials($username, $password)
{
    global $db;
    $q = $db->prepare("SELECT id FROM `users` WHERE username=? AND password=? LIMIT 1");
    $q->bind_param('ss', $username, $password);
    $q->execute();
}

This is not a good OOP style though.

Lekensteyn
Well, new answer then :)
Lekensteyn
of course its related. You don't have access to an object called $db within your function, that's why its causing the error. ->prepare is not causing the error, the fact that $db is not an object within the scope of your function is the error. `Call to a member function prepare() on a *non-object*`
Erik
@Erik: That comment was related to the original answer (before the edit) which was indicating that `$q` was not an object... The current edit is correct (And as such I've deleted my potentially confusing comment)...
ircmaxell
+1  A: 

The error you're getting means $db is not an object.

One possibility is that you've initialized $db outside a function call, but are trying to use it inside a function - in which case you need to import it from the global namespace using the global keyword. Global variables in PHP are not automatically visible inside functions - you have to tell PHP to make a global variable visible:

function foo() {
    global $db;
    // do stuff with $db
}

Another possibility is that it's FALSE if you're assigning it the value from mysqli_connect() - chances are your connection information has a typo or something similar.

Amber
@ircmaxell - oftentimes OPs don't post complete contents of things, so I offered both possible explanations.
Amber
Fair enough (And as such, I've deleted my comment)... The edit explains well (My original comment was on the original edit, and no longer applies)... +1
ircmaxell
+1  A: 

The problem is that $db is not in the scope (so it's initialized as null). If you had error_reporting to E_ALL you'd see the notice about attempting to use an uninitialized variable $db... You need to somehow bring $db into the functions scope:

If it's a global varaible:

function checkCredentials($username, $password) {
    global $db;

If it's a member variable (and that function is really a method in an object):

function checkCredentials($username, $password) {
    $q = $this->db->prepare();

If it's something else, you may want to pass it in:

function checkCredentials($username, $password, $db) {
ircmaxell
Ah yea. Using `$this->db->prepare()` works as I passed my database handle in through the constructor on my class. Thanks :)
Will