Call to a member function bind_param() on a non-object [duplicate]

php mysqli prepared-statement

I am trying to bind a variable in this prepared statement, but i keep receiving the error:

Call to a member function bind_param() on a non-object

The function is called, and variables are passed to it. When i change the function to just echo the variable, the variable prints on the page fine, but if i try to bind it here i receive the error. can anyone help?

//CALL FROM PAGE ONE
check($username);

//FUNCTION ON PAGE 2
function check($username){
$DBH = getDBH();
$qSelect = $DBH->prepare("SELECT * FROM users WHERE username = ?");
$qSelect->bind_param("s", $username);
}

i know the function is not completely written here, but that shouldn't be a problem. I don't understand why i am receiving this error.


Solution 1:

Well, one reason prepare() can fail is if the sql statement sent to it is not valid in the current DB.

prepare() will then return false.

Eg - if the table name is not correct or one or more field in the query does not exist.

Solution 2:

as the error-message says, $qSelect seems to be not an object. try to debug this by using var_dump($qSelect); right after your prepare-call. also check if getDBH() returns what you need.

sounds like the prepare-call fails (don't know why) and so it returns false - false is not an object, so you can't call bind_param() on that.

EDIT: you havn't given the info, but it looks like you're using PHP's PDO. In that case, take a look at the documentation.

If the database server successfully prepares the statement, PDO::prepare() returns a PDOStatement object. If the database server cannot successfully prepare the statement, PDO::prepare() returns FALSE or emits PDOException (depending on error handling).

You should configure your server to return those PDO-Exceptions, which would tell you why the prepare call fails.

Solution 3:

i'm using the mysqli approach as well and got the same error when I created another instance of mysqli before closing the first instance. So its important to use close() before starting the same piece of code. For example:

$DBH = getDBH();
$qSelect = $DBH->prepare("SELECT * FROM users WHERE username = ?");
$qSelect->bind_param("s", $username);
$qSelect->close();  // <--- use close before calling the same function( wich contains $DBH code) again;

Solution 4:

It appears that prepare is quite dumb. It doesn't rely query entirely into the MySQL side, by this, I mean, if in your query, you have a table that happens to have the same name of a keyword, say "user", "order", ..., it just doesn't recognize it as a table, but rather as what the keyword commands actually do, so the query turns out to be a mess and the prepare just fail.

To fix this is simple, you have to type it in the "correct" way adding "`" in both sides of the table name. Example:

`user`, `order`, `...`

It's correct, yet, I find it silly from prepare to have this behavior.

Related

PHP PDO prepared statements
Capturing repeating subpatterns in Python regex
pip how to remove incorrectly installed package with a leading dash: "-pkgname"
PyInstaller, spec file, ImportError: No module named 'blah'
Javascript object members that are prototyped as arrays become shared by all class instances
function parameter evaluation order
Regular expressions: Ensuring b doesn't come between a and c
How do I return a boolean from AsyncTask?
Why can in-class initializers only use = or {}?
Create dynamic variable name
Two SQL LEFT JOINS produce incorrect result
Why C++11 in-class initializer cannot use parentheses? [duplicate]