-4

嗨,我已经检查了对这个问题的其他回复,但由于某种原因我无法解决问题。这是我正在尝试创建的登录系统,但我不断收到致命错误:调用非成员函数 prepare() -object in ...根据错误,问题出在db.php文件中。这里是..

<?php
require "config.php";


function DBconnect($config) {
    try {
        $conn = new PDO('mysql:host=localhost;dbname=' . $config['database'],
                        $config['username'],
                        $config['password']);

        $conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        return $conn;
    } catch(Exception $e) {
        echo $e->getmessage();
    }
}

function query($query, $bindings, $conn) {
    $stmt = $conn->prepare($query);
    $stmt->execute($bindings);

    return $stmt;
}

这是用于创建登录页面的 index.php 文件。

<?php

// include the necessary files
require "db.php";
require "functions.php";
include "index.view.php";

// Allow sessions to be passed so we can see if the user is logged in
session_start();

//conect to the database so we can check, edit or ,data to our users table
DBconnect($config);

// if the user has submitted the form
if( $_SERVER["REQUEST_METHOD"] === "POST") {
    global $conn;
    //protect the posted value then store them to variables
    $username = protect($_POST["username"]);
    $password = protect($_POST["password"]);

    //Check if the username or password boxes were not filled in
    if ( !$username || !$password ){
        // if not display an error message.
        echo "You need to fill in a username and password!";
    }else
        // if correct continue cheking

        //select all the rows where the username and password match

        query(  "SELECT * FROM users WHERE username = :username",
            array("username" => $username),
            $conn);
        $num = ( $stmt->rowcount() ); 


        //check if there was not a match
        if( $num == 0) {
            //if not display an error message
            echo "The username you entered does not exist!";
        }else{
            //if there was a mactch continue chekcing

            //select all rows where the username and password match the ones submitted by the user
            query( "SELECT * FROM users WHERE username =:username && password = :pasword",
                    array("username" => $username, "password" => $password ),
                    $conn);
            $num = ( $stmt->rowcount() );   

            //check if there was not a match
            if( $num == 0) {
                //if not display error message
                echo "Username and password do not mactch";
            }else {
                //if there was continue checking

                //split all the fields from the correct row into an associative array
                $row = $stmt->fetch(PDO::FETCH_ASSOC);
                //check to see if the user has not activated their account
                if($row["active"] != 1) {
                    //if not display an error message
                    echo "You hav not yet activated your account!";
                }else {
                    //if so then log them in

                    // set the login session storing their id. We use this to
                    // see if they are logged in or not.
                    $_SESSION["uid"] = $row["id"];
                    //show message confirming that they are loggd in
                    echo "You have succesfully logged in!";
                    //update the online field to 50 seconds in the future
                    $time = date("u")+50;
                    query( "UPDATE users SET online = :time WHERE id = :id",
                            array("time" => $time, "id" => $_SESSION["uid"]),  
                            $conn);
                    //redirect them to the usersonline page
                    header("Location: usersOnline.php");
            }
        }


    }
}
4

2 回答 2

1

您忘记为$conn的返回值分配一个值DBConnect(),例如

DBconnect($config);

应该

$conn = DBConnect($config);

您也不需要global $conn在脚本中使用,因为它会在范围内。

我还建议不要从PDO构造函数中捕获异常。你怎么知道出了什么问题?echo-ing 异常消息不处理错误。

还有一件事,放在session_start()脚本的顶部或至少在include语句的上方。如果其中任何一个向浏览器输出数据,您将收到旧的“标头已发送”错误。

更新

现在我已经仔细研究了您的问题,为什么要将PDO方法包装在用户函数中,例如query()?您没有在此处添加任何内容,那么为什么不直接使用该PDO对象呢?

于 2013-03-05T00:17:22.390 回答
0

您必须将全局 $conn 放在 DBConnect 函数中

function DBconnect($config) {
    global $conn;
    //...
}

或将 DBConnect 的返回值分配给$conn

于 2013-03-05T00:16:19.580 回答