我在为我的网站创建成员系统时遇到错误。以下代码来自文件 funcs.php,
但是当我尝试运行任何文件时(无论是 register.php 还是 login.php),
都会显示以下错误:
Fatal error: Call to a member function bind_param() on a non-object in /home/mywebsitename/public_html/members/models/funcs.php on line 382
第 382 行是:-
$stmt->bind_param("is", $loggedInUser->user_id, $loggedInUser->hash_pw);
funcs.php 文件的 php 编码如下:-
<?php
// Lists the *.php files directly inside models/languages/ (relative to the current
// working directory) and returns glob()'s result unchanged.
function getLanguageFiles()
{
    $pattern = "models/languages/" . "*.php";

    return glob($pattern);
}
// NOTE(review): no `function ...()` line precedes this block in the listing, so as shown
// it is a bare top-level statement block and its `return` is a top-level return.
// Presumably the function header was lost when the code was pasted - confirm against
// the original file.
{
$directory = "models/site-templates/";
$languages = glob($directory . "*.css");
// Hand back the matched *.css paths (nothing is printed here)
return $languages;
}
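// Lists the *.php files in the current working directory.
// Returns an array mapping each file name to itself; an empty array when nothing
// matches (the original returned an undefined variable in that case).
function getPageFiles()
{
    $directory = "";
    $pages = glob($directory . "*.php");

    // glob() returns false on error; treat that like "no pages" instead of
    // handing false to foreach.
    if ($pages === false) {
        $pages = array();
    }

    $row = array();
    foreach ($pages as $page) {
        $row[$page] = $page;
    }
    return $row;
}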
// Removes one entry from $_SESSION. Does nothing when the key is absent or holds NULL,
// because isset() is false in both cases.
function destroySession($name)
{
    if (!isset($_SESSION[$name])) {
        return;
    }

    // Overwrite first, then drop the key.
    $_SESSION[$name] = NULL;
    unset($_SESSION[$name]);
}
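// Returns a 32-character lowercase hex code, or its first $length characters when
// $length is given.
//
// The original derived the code from rand()/uniqid(), which are predictable. If this
// code is ever used as a secret (token, reset code - confirm against callers), it must
// come from a CSPRNG, so random_bytes() is used where available. The md5 fallback keeps
// the function working on PHP versions without random_bytes().
function getUniqueCode($length = "")
{
    if (function_exists('random_bytes')) {
        // 16 random bytes -> 32 hex characters, same shape as an md5 digest
        $code = bin2hex(random_bytes(16));
    } else {
        $code = md5(uniqid(rand(), true));
    }

    if ($length != "") {
        return substr($code, 0, $length);
    }
    return $code;
}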
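// Generates a 32-character hex activation token and retries until
// validateActivationToken() reports that the candidate is not already in use.
// The $gen argument is ignored: it is overwritten before it is read.
//
// An activation token acts as a bearer secret, so it is drawn from random_bytes()
// where available instead of mt_rand()/uniqid(), whose output can be predicted.
// The md5 fallback keeps the function working on PHP versions without random_bytes().
function generateActivationToken($gen = null)
{
    do {
        if (function_exists('random_bytes')) {
            // 16 random bytes -> 32 hex characters, same shape as an md5 digest
            $gen = bin2hex(random_bytes(16));
        } else {
            $gen = md5(uniqid(mt_rand(), false));
        }
    } while (validateActivationToken($gen));

    return $gen;
}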
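// Builds the stored password string: a 25-character salt followed by
// sha1(salt . plainText).
//
// $salt = null  -> a fresh salt is generated.
// $salt given   -> its first 25 characters are used, so passing a stored hash as $salt
//                  reproduces that hash when $plainText matches.
//
// NOTE(review): a single salted SHA-1 round is a fast hash and is not suitable for
// password storage; password_hash()/password_verify() are the appropriate primitives.
// Switching changes the stored format and every place that compares the column
// (isUserLoggedIn() matches the password column directly), so the format is left
// unchanged here and only the salt source is hardened.
function generateHash($plainText, $salt = null)
{
    if ($salt === null) {
        if (function_exists('random_bytes')) {
            // CSPRNG salt, still 25 hex characters like the md5-derived one
            $salt = substr(bin2hex(random_bytes(16)), 0, 25);
        } else {
            $salt = substr(md5(uniqid(rand(), true)), 0, 25);
        }
    } else {
        $salt = substr($salt, 0, 25);
    }

    return $salt . sha1($salt . $plainText);
}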
// True when PHP's FILTER_VALIDATE_EMAIL filter accepts $email, false otherwise.
function isValidEmail($email)
{
    // filter_var() yields the address on success and false on failure
    return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
}
// Looks up $key in the global $lang table and substitutes the placeholders
// %m1%, %m2%, ... with the entries of $markers, in order.
// Returns "No language key found" when the resulting string compares equal to "".
function lang($key, $markers = NULL)
{
    global $lang;

    $str = $lang[$key];

    if (!($markers == NULL)) {
        $position = 0;
        foreach ($markers as $marker) {
            $position++;
            $str = str_replace("%m" . $position . "%", $marker, $str);
        }
    }

    return ($str == "") ? "No language key found" : $str;
}
// Returns true when the trimmed length of $what is OUTSIDE [$min, $max],
// false when it is inside. Length is measured in bytes (strlen).
function minMaxRange($min, $max, $what)
{
    $length = strlen(trim($what));

    return $length < $min || $length > $max;
}
// Replaces every occurrence of the global $default_hooks entries in $str with the
// matching global $default_replace entries.
function replaceDefaultHook($str)
{
    global $default_hooks, $default_replace;

    $replaced = str_replace($default_hooks, $default_replace, $str);

    return $replaced;
}
// Echoes the error list and then the success list as dismissible <div> blocks.
// A list with no entries produces no output.
//
// NOTE(review): each message is written into the page as-is, without HTML escaping.
// If any message can carry user-supplied text, it should be escaped with
// htmlspecialchars() where the message is built - confirm first that no message
// relies on embedded markup.
function resultBlock($errors, $successes)
{
    if (count($errors) > 0) {
        echo "<div id='error'>\n<a href='#' onclick=\"showHide('error');\">[X]</a>\n<ul>";
        foreach ($errors as $message) {
            echo "<li>" . $message . "</li>";
        }
        echo "</ul>" . "</div>";
    }

    if (count($successes) > 0) {
        echo "<div id='success'>\n<a href='#' onclick=\"showHide('success');\">[X]</a>\n<ul>";
        foreach ($successes as $message) {
            echo "<li>" . $message . "</li>";
        }
        echo "</ul>" . "</div>";
    }
}
// Trims $str, strips HTML/PHP tags and lower-cases the result.
// This normalises input; it is not an output-escaping or SQL-escaping step.
function sanitize($str)
{
    $trimmed = trim(($str));
    $without_tags = strip_tags($trimmed);

    return strtolower($without_tags);
}
// Deletes each user id in $users from the users table and from
// user_permission_matches. Returns the number of ids processed (not rows affected).
function deleteUsers($users)
{
    global $mysqli, $db_table_prefix;

    $delete_user = $mysqli->prepare("DELETE FROM {$db_table_prefix}users\nWHERE id = ?");
    $delete_matches = $mysqli->prepare("DELETE FROM {$db_table_prefix}user_permission_matches\nWHERE user_id = ?");

    $processed = 0;
    foreach ($users as $id) {
        $delete_user->bind_param("i", $id);
        $delete_user->execute();
        $delete_matches->bind_param("i", $id);
        $delete_matches->execute();
        $processed += 1;
    }

    $delete_user->close();
    $delete_matches->close();

    return $processed;
}
// True when at least one users row has the given display_name.
function displayNameExists($displayname)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE\ndisplay_name = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("s", $displayname);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// True when at least one users row has the given email.
function emailExists($email)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE\nemail = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("s", $email);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// True when a users row exists whose user_name and email both match the arguments.
function emailUsernameLinked($email, $username)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE user_name = ?\nAND\nemail = ?\nLIMIT 1\n";
    $lookup = $mysqli->prepare($sql);
    // Placeholder order is user_name first, then email
    $lookup->bind_param("ss", $username, $email);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
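// Returns every users row as a list of associative arrays, or null when the table
// yields no rows (the original read an undefined variable in that case).
//
// Each row includes the stored password hash and the activation token; callers must
// not pass these fields on to templates, logs or API responses.
function fetchAllUsers()
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT
        id,
        user_name,
        display_name,
        password,
        email,
        activation_token,
        last_activation_request,
        lost_password_request,
        active,
        title,
        sign_up_stamp,
        last_sign_in_stamp
        FROM ".$db_table_prefix."users");
    $stmt->execute();
    $stmt->bind_result($id, $user, $display, $password, $email, $token, $activationRequest, $passwordRequest, $active, $title, $signUp, $signIn);

    // Stays null when no row is fetched, so the return value is always defined
    $row = null;
    while ($stmt->fetch()){
        $row[] = array('id' => $id, 'user_name' => $user, 'display_name' => $display, 'password' => $password, 'email' => $email, 'activation_token' => $token, 'last_activation_request' => $activationRequest, 'lost_password_request' => $passwordRequest, 'active' => $active, 'title' => $title, 'sign_up_stamp' => $signUp, 'last_sign_in_stamp' => $signIn);
    }
    $stmt->close();
    return ($row);
}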
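// Fetches one users row selected by the first non-null argument, in the order
// user name, activation token, id. Returns the row as an associative array, or null
// when no selector is given or no row matches.
//
// The original built the query with an undefined column name when all three
// arguments were null, and returned an undefined variable when nothing matched.
//
// The row includes the stored password hash and the activation token; callers must
// not pass these fields on to templates, logs or API responses.
function fetchUserDetails($username=NULL,$token=NULL, $id=NULL)
{
    global $mysqli,$db_table_prefix;

    // $column only ever takes one of these three fixed names; it is never taken
    // from the caller, which is what makes interpolating it into the SQL safe.
    if($username!=NULL) {
        $column = "user_name";
        $data = $username;
    }
    elseif($token!=NULL) {
        $column = "activation_token";
        $data = $token;
    }
    elseif($id!=NULL) {
        $column = "id";
        $data = $id;
    }
    else {
        // Nothing to search by
        return null;
    }

    $stmt = $mysqli->prepare("SELECT
        id,
        user_name,
        display_name,
        password,
        email,
        activation_token,
        last_activation_request,
        lost_password_request,
        active,
        title,
        sign_up_stamp,
        last_sign_in_stamp
        FROM ".$db_table_prefix."users
        WHERE
        $column = ?
        LIMIT 1");
    $stmt->bind_param("s", $data);
    $stmt->execute();
    $stmt->bind_result($id, $user, $display, $password, $email, $token, $activationRequest, $passwordRequest, $active, $title, $signUp, $signIn);

    $row = null;
    while ($stmt->fetch()){
        $row = array('id' => $id, 'user_name' => $user, 'display_name' => $display, 'password' => $password, 'email' => $email, 'activation_token' => $token, 'last_activation_request' => $activationRequest, 'lost_password_request' => $passwordRequest, 'active' => $active, 'title' => $title, 'sign_up_stamp' => $signUp, 'last_sign_in_stamp' => $signIn);
    }
    $stmt->close();
    return ($row);
}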
// Sets lost_password_request to $value for the user named $username.
// Returns the result of execute().
function flagLostPasswordRequest($username, $value)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}users\nSET lost_password_request = ?\nWHERE\nuser_name = ?\nLIMIT 1\n";
    $update = $mysqli->prepare($sql);
    $update->bind_param("ss", $value, $username);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
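// Reports whether the global $loggedInUser still corresponds to an active users row
// with the same id and stored password value. When the session user no longer
// matches, the "userCakeUser" session entry is destroyed.
//
// Changes from the original:
//  - $loggedInUser is checked BEFORE it is dereferenced and before any query runs;
//    the original read ->user_id / ->hash_pw on a possibly-null value on every
//    anonymous request (register.php, login.php).
//  - prepare() returns false on failure; calling bind_param() on that result is what
//    produces "Call to a member function bind_param() on a non-object". The failure is
//    now logged with the driver's message and treated as "not logged in" (fail closed).
function isUserLoggedIn()
{
    global $loggedInUser,$mysqli,$db_table_prefix;

    if($loggedInUser == NULL)
    {
        return false;
    }

    $stmt = $mysqli->prepare("SELECT
        id,
        password
        FROM ".$db_table_prefix."users
        WHERE
        id = ?
        AND
        password = ?
        AND
        active = 1
        LIMIT 1");
    if (!$stmt)
    {
        // Goes to the server error log, not to the page
        error_log("isUserLoggedIn: prepare() failed: " . $mysqli->error);
        return false;
    }

    $stmt->bind_param("is", $loggedInUser->user_id, $loggedInUser->hash_pw);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();

    if ($num_returns > 0)
    {
        return true;
    }

    // Session data no longer matches an active account: drop it
    destroySession("userCakeUser");
    return false;
}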
// Marks the user holding $token as active (active = 1). Returns the result of execute().
function setUserActive($token)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}users\nSET active = 1\nWHERE\nactivation_token = ?\nLIMIT 1";
    $update = $mysqli->prepare($sql);
    $update->bind_param("s", $token);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// Sets display_name for the user with the given id. Returns the result of execute().
function updateDisplayName($id, $display)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}users\nSET display_name = ?\nWHERE\nid = ?\nLIMIT 1";
    $update = $mysqli->prepare($sql);
    $update->bind_param("si", $display, $id);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// Sets email for the user with the given id. Returns the result of execute().
function updateEmail($id, $email)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}users\nSET\nemail = ?\nWHERE\nid = ?";
    $update = $mysqli->prepare($sql);
    $update->bind_param("si", $email, $id);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
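// Stores a new activation token and the current Unix time as last_activation_request
// for the user matching both $email and $username. Returns the result of execute().
function updateLastActivationRequest($new_activation_token,$username,$email)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users
        SET activation_token = ?,
        last_activation_request = ?
        WHERE email = ?
        AND
        user_name = ?");

    // bind_param() takes its arguments by reference, so the timestamp has to live
    // in a variable; the original passed the time() call directly.
    $requested_at = time();
    $stmt->bind_param("ssss", $new_activation_token, $requested_at, $email, $username);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}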
// Stores $pass as the password of the user holding $token and replaces that token
// with a freshly generated one, so the old token stops matching.
// $pass is written as given - presumably already hashed by the caller; confirm.
// Returns the result of execute().
function updatePasswordFromToken($pass, $token)
{
    global $mysqli, $db_table_prefix;

    $replacement_token = generateActivationToken();

    $sql = "UPDATE {$db_table_prefix}users\nSET password = ?,\nactivation_token = ?\nWHERE\nactivation_token = ?";
    $update = $mysqli->prepare($sql);
    $update->bind_param("sss", $pass, $replacement_token, $token);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// Sets title for the user with the given id. Returns the result of execute().
function updateTitle($id, $title)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}users\nSET\ntitle = ?\nWHERE\nid = ?";
    $update = $mysqli->prepare($sql);
    $update->bind_param("si", $title, $id);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// True when a users row with the given id exists.
function userIdExists($id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE\nid = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("i", $id);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// True when a users row with the given user_name exists.
function usernameExists($username)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE\nuser_name = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("s", $username);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// Checks whether $token is currently attached to a user.
//  - $lostpass == NULL: the token must belong to an inactive account (active = 0).
//  - otherwise: the token must belong to an active account that has
//    lost_password_request = 1.
// Returns true when such a row exists.
function validateActivationToken($token, $lostpass = NULL)
{
    global $mysqli, $db_table_prefix;

    if ($lostpass == NULL) {
        $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE active = 0\nAND\nactivation_token = ?\nLIMIT 1";
    } else {
        $sql = "SELECT active\nFROM {$db_table_prefix}users\nWHERE active = 1\nAND\nactivation_token = ?\nAND\nlost_password_request = 1\nLIMIT 1";
    }

    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("s", $token);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// Inserts a permissions row named $permission. Returns the result of execute().
function createPermission($permission)
{
    global $mysqli, $db_table_prefix;

    $sql = "INSERT INTO {$db_table_prefix}permissions (\nname\n)\nVALUES (\n?\n)";
    $insert = $mysqli->prepare($sql);
    $insert->bind_param("s", $permission);
    $outcome = $insert->execute();
    $insert->close();

    return $outcome;
}
// Deletes each permission id in $permission together with its user and page matches.
// Ids 1 and 2 are never deleted; an error message is appended to the global $errors
// instead. Returns the number of ids that were processed for deletion.
function deletePermission($permission)
{
    global $mysqli, $db_table_prefix, $errors;

    $delete_permission = $mysqli->prepare("DELETE FROM {$db_table_prefix}permissions\nWHERE id = ?");
    $delete_user_matches = $mysqli->prepare("DELETE FROM {$db_table_prefix}user_permission_matches\nWHERE permission_id = ?");
    $delete_page_matches = $mysqli->prepare("DELETE FROM {$db_table_prefix}permission_page_matches\nWHERE permission_id = ?");

    $processed = 0;
    foreach ($permission as $id) {
        // Protected built-in groups
        if ($id == 1) {
            $errors[] = lang("CANNOT_DELETE_NEWUSERS");
            continue;
        }
        if ($id == 2) {
            $errors[] = lang("CANNOT_DELETE_ADMIN");
            continue;
        }

        $delete_permission->bind_param("i", $id);
        $delete_permission->execute();
        $delete_user_matches->bind_param("i", $id);
        $delete_user_matches->execute();
        $delete_page_matches->bind_param("i", $id);
        $delete_page_matches->execute();
        $processed++;
    }

    $delete_permission->close();
    $delete_user_matches->close();
    $delete_page_matches->close();

    return $processed;
}
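// Returns every permissions row as a list of array('id' => ..., 'name' => ...),
// or null when the table yields no rows (the original read an undefined variable
// in that case).
function fetchAllPermissions()
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT
        id,
        name
        FROM ".$db_table_prefix."permissions");
    $stmt->execute();
    $stmt->bind_result($id, $name);

    // Stays null when no row is fetched, so the return value is always defined
    $row = null;
    while ($stmt->fetch()){
        $row[] = array('id' => $id, 'name' => $name);
    }
    $stmt->close();
    return ($row);
}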
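// Returns array('id' => ..., 'name' => ...) for the permission with the given id,
// or null when no such row exists (the original read an undefined variable in that case).
function fetchPermissionDetails($id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT
        id,
        name
        FROM ".$db_table_prefix."permissions
        WHERE
        id = ?
        LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    // $id is reused as the output variable for the id column
    $stmt->bind_result($id, $name);

    $row = null;
    while ($stmt->fetch()){
        $row = array('id' => $id, 'name' => $name);
    }
    $stmt->close();
    return ($row);
}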
// True when a permissions row with the given id exists.
function permissionIdExists($id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT id\nFROM {$db_table_prefix}permissions\nWHERE\nid = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("i", $id);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// True when a permissions row with the given name exists.
function permissionNameExists($permission)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT id\nFROM {$db_table_prefix}permissions\nWHERE\nname = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("s", $permission);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// Renames the permission with the given id. Returns the result of execute().
function updatePermissionName($id, $name)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}permissions\nSET name = ?\nWHERE\nid = ?\nLIMIT 1";
    $update = $mysqli->prepare($sql);
    $update->bind_param("si", $name, $id);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// Inserts user/permission matches. Either argument may be an array:
//  - $permission is an array: each permission id is paired with $user;
//  - else $user is an array: $permission is paired with each user id;
//  - else: the single pair is inserted.
// Returns the number of inserts attempted (execute() results are not checked).
function addPermission($permission, $user)
{
    global $mysqli, $db_table_prefix;

    $insert = $mysqli->prepare("INSERT INTO {$db_table_prefix}user_permission_matches (\npermission_id,\nuser_id\n)\nVALUES (\n?,\n?\n)");

    // Expand the arguments into (permission_id, user_id) pairs
    $pairs = array();
    if (is_array($permission)) {
        foreach ($permission as $permission_id) {
            $pairs[] = array($permission_id, $user);
        }
    } elseif (is_array($user)) {
        foreach ($user as $user_id) {
            $pairs[] = array($permission, $user_id);
        }
    } else {
        $pairs[] = array($permission, $user);
    }

    $attempted = 0;
    foreach ($pairs as $pair) {
        $insert->bind_param("ii", $pair[0], $pair[1]);
        $insert->execute();
        $attempted++;
    }
    $insert->close();

    return $attempted;
}
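// Returns every user_permission_matches row as a list of
// array('id' => ..., 'user_id' => ..., 'permission_id' => ...), or null when the
// table yields no rows (the original read an undefined variable in that case).
function fetchAllMatches()
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT
        id,
        user_id,
        permission_id
        FROM ".$db_table_prefix."user_permission_matches");
    $stmt->execute();
    $stmt->bind_result($id, $user, $permission);

    // Stays null when no row is fetched, so the return value is always defined
    $row = null;
    while ($stmt->fetch()){
        $row[] = array('id' => $id, 'user_id' => $user, 'permission_id' => $permission);
    }
    $stmt->close();
    return ($row);
}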
// Returns the permission matches of one user, keyed by permission_id, each entry being
// array('id' => ..., 'permission_id' => ...). Returns null when the user has none.
function fetchUserPermissions($user_id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT\nid,\npermission_id\nFROM {$db_table_prefix}user_permission_matches\nWHERE user_id = ?\n";
    $query = $mysqli->prepare($sql);
    $query->bind_param("i", $user_id);
    $query->execute();
    $query->bind_result($id, $permission);
    while ($query->fetch()) {
        $row[$permission] = array('id' => $id, 'permission_id' => $permission);
    }
    $query->close();

    return isset($row) ? $row : null;
}
// Returns the user matches of one permission, keyed by user_id, each entry being
// array('id' => ..., 'user_id' => ...). Returns null when there are none.
function fetchPermissionUsers($permission_id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT id, user_id\nFROM {$db_table_prefix}user_permission_matches\nWHERE permission_id = ?\n";
    $query = $mysqli->prepare($sql);
    $query->bind_param("i", $permission_id);
    $query->execute();
    $query->bind_result($id, $user);
    while ($query->fetch()) {
        $row[$user] = array('id' => $id, 'user_id' => $user);
    }
    $query->close();

    return isset($row) ? $row : null;
}
// Deletes user/permission matches. Either argument may be an array:
//  - $permission is an array: each permission id is paired with $user;
//  - else $user is an array: $permission is paired with each user id;
//  - else: the single pair is deleted.
// Returns the number of deletes attempted (execute() results are not checked).
function removePermission($permission, $user)
{
    global $mysqli, $db_table_prefix;

    $delete = $mysqli->prepare("DELETE FROM {$db_table_prefix}user_permission_matches\nWHERE permission_id = ?\nAND user_id =?");

    // Expand the arguments into (permission_id, user_id) pairs
    $pairs = array();
    if (is_array($permission)) {
        foreach ($permission as $permission_id) {
            $pairs[] = array($permission_id, $user);
        }
    } elseif (is_array($user)) {
        foreach ($user as $user_id) {
            $pairs[] = array($permission, $user_id);
        }
    } else {
        $pairs[] = array($permission, $user);
    }

    $attempted = 0;
    foreach ($pairs as $pair) {
        $delete->bind_param("ii", $pair[0], $pair[1]);
        $delete->execute();
        $attempted++;
    }
    $delete->close();

    return $attempted;
}
// Updates the configuration table: for every id in $id, the row with that id gets
// the value stored at $value[id]. Nothing is returned.
function updateConfig($id, $value)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}configuration\nSET\nvalue = ?\nWHERE\nid = ?";
    $update = $mysqli->prepare($sql);

    foreach ($id as $config_id) {
        // $value[...] is bound directly (by reference), as in the original
        $update->bind_param("si", $value[$config_id], $config_id);
        $update->execute();
    }

    $update->close();
}
// Inserts one pages row per entry of $pages. Nothing is returned.
function createPages($pages)
{
    global $mysqli, $db_table_prefix;

    $insert = $mysqli->prepare("INSERT INTO {$db_table_prefix}pages (\npage\n)\nVALUES (\n?\n)");

    foreach ($pages as $page_name) {
        $insert->bind_param("s", $page_name);
        $insert->execute();
    }

    $insert->close();
}
// Deletes each page id in $pages from the pages table and from
// permission_page_matches. Nothing is returned.
function deletePages($pages)
{
    global $mysqli, $db_table_prefix;

    $delete_page = $mysqli->prepare("DELETE FROM {$db_table_prefix}pages\nWHERE id = ?");
    $delete_matches = $mysqli->prepare("DELETE FROM {$db_table_prefix}permission_page_matches\nWHERE page_id = ?");

    foreach ($pages as $page_id) {
        $delete_page->bind_param("i", $page_id);
        $delete_page->execute();
        $delete_matches->bind_param("i", $page_id);
        $delete_matches->execute();
    }

    $delete_page->close();
    $delete_matches->close();
}
// Returns every pages row keyed by page name, each entry being
// array('id' => ..., 'page' => ..., 'private' => ...). Returns null when there are none.
function fetchAllPages()
{
    global $mysqli, $db_table_prefix;

    $query = $mysqli->prepare("SELECT\nid,\npage,\nprivate\nFROM {$db_table_prefix}pages");
    $query->execute();
    $query->bind_result($id, $page, $private);
    while ($query->fetch()) {
        $row[$page] = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $query->close();

    return isset($row) ? $row : null;
}
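// Returns array('id' => ..., 'page' => ..., 'private' => ...) for the page with the
// given id, or null when no such row exists (the original read an undefined variable
// in that case).
function fetchPageDetails($id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT
        id,
        page,
        private
        FROM ".$db_table_prefix."pages
        WHERE
        id = ?
        LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    // $id is reused as the output variable for the id column
    $stmt->bind_result($id, $page, $private);

    $row = null;
    while ($stmt->fetch()){
        $row = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $stmt->close();
    return ($row);
}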
// True when a pages row with the given id exists.
function pageIdExists($id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT private\nFROM {$db_table_prefix}pages\nWHERE\nid = ?\nLIMIT 1";
    $lookup = $mysqli->prepare($sql);
    $lookup->bind_param("i", $id);
    $lookup->execute();
    $lookup->store_result();
    $matches = $lookup->num_rows;
    $lookup->close();

    return $matches > 0;
}
// Sets the private flag of the page with the given id. Returns the result of execute().
function updatePrivate($id, $private)
{
    global $mysqli, $db_table_prefix;

    $sql = "UPDATE {$db_table_prefix}pages\nSET\nprivate = ?\nWHERE\nid = ?";
    $update = $mysqli->prepare($sql);
    $update->bind_param("ii", $private, $id);
    $outcome = $update->execute();
    $update->close();

    return $outcome;
}
// Inserts permission/page matches. Either argument may be an array:
//  - $permission is an array: each permission id is paired with $page;
//  - else $page is an array: $permission is paired with each page id;
//  - else: the single pair is inserted.
// Returns the number of inserts attempted (execute() results are not checked).
function addPage($page, $permission)
{
    global $mysqli, $db_table_prefix;

    $insert = $mysqli->prepare("INSERT INTO {$db_table_prefix}permission_page_matches (\npermission_id,\npage_id\n)\nVALUES (\n?,\n?\n)");

    // Expand the arguments into (permission_id, page_id) pairs
    $pairs = array();
    if (is_array($permission)) {
        foreach ($permission as $permission_id) {
            $pairs[] = array($permission_id, $page);
        }
    } elseif (is_array($page)) {
        foreach ($page as $page_id) {
            $pairs[] = array($permission, $page_id);
        }
    } else {
        $pairs[] = array($permission, $page);
    }

    $attempted = 0;
    foreach ($pairs as $pair) {
        $insert->bind_param("ii", $pair[0], $pair[1]);
        $insert->execute();
        $attempted++;
    }
    $insert->close();

    return $attempted;
}
// Returns the permission matches of one page, keyed by permission_id, each entry being
// array('id' => ..., 'permission_id' => ...). Returns null when there are none.
function fetchPagePermissions($page_id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT\nid,\npermission_id\nFROM {$db_table_prefix}permission_page_matches\nWHERE page_id = ?\n";
    $query = $mysqli->prepare($sql);
    $query->bind_param("i", $page_id);
    $query->execute();
    $query->bind_result($id, $permission);
    while ($query->fetch()) {
        $row[$permission] = array('id' => $id, 'permission_id' => $permission);
    }
    $query->close();

    return isset($row) ? $row : null;
}
// Returns the page matches of one permission, keyed by page_id.
// Returns null when there are none.
function fetchPermissionPages($permission_id)
{
    global $mysqli, $db_table_prefix;

    $sql = "SELECT\nid,\npage_id\nFROM {$db_table_prefix}permission_page_matches\nWHERE permission_id = ?\n";
    $query = $mysqli->prepare($sql);
    $query->bind_param("i", $permission_id);
    $query->execute();
    $query->bind_result($id, $page);
    while ($query->fetch()) {
        // NOTE(review): the 'permission_id' key holds the page_id column here. It looks
        // like a copy-paste slip, but callers may depend on the key - confirm before renaming.
        $row[$page] = array('id' => $id, 'permission_id' => $page);
    }
    $query->close();

    return isset($row) ? $row : null;
}
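// Deletes permission/page matches. Either argument may be an array:
//  - $page is an array: each page id is paired with $permission;
//  - else $permission is an array: $page is paired with each permission id;
//  - else: the single pair is deleted.
// Returns the number of deletes attempted (execute() results are not checked).
//
// Fix: the single-pair branch bound ($permission, $user). $user does not exist in this
// function, and the placeholders are (page_id, permission_id), so that branch never
// deleted the requested match.
function removePage($page, $permission) {
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."permission_page_matches
        WHERE page_id = ?
        AND permission_id =?");
    if (is_array($page)){
        foreach($page as $id){
            $stmt->bind_param("ii", $id, $permission);
            $stmt->execute();
            $i++;
        }
    }
    elseif (is_array($permission)){
        foreach($permission as $id){
            $stmt->bind_param("ii", $page, $id);
            $stmt->execute();
            $i++;
        }
    }
    else {
        // Same placeholder order as the branches above: page_id, then permission_id
        $stmt->bind_param("ii", $page, $permission);
        $stmt->execute();
        $i++;
    }
    $stmt->close();
    return $i;
}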
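// Access check for the page named by the last path segment of $uri.
// Returns true when the request may proceed. Otherwise it sends a Location header
// (login.php for anonymous visitors, account.php for users without permission) and
// returns false.
//
// header() does not stop the script: the caller must stop rendering (exit/die) when
// false is returned, or the protected page is still sent after the redirect header.
//
// Changes from the original:
//  - $master_account was read without being declared global, so the comparison ran
//    against an undefined (null) value. With loose ==, a user_id of 0/""/null would
//    have matched it. It is now taken from the global scope (assumed to be set by the
//    site configuration - confirm) and only compared when it is actually set.
//  - $pagePermissions is initialised, so a private page with no permission rows passes
//    an empty list to checkPermission() instead of an undefined variable.
function securePage($uri){
    global $mysqli,$db_table_prefix,$loggedInUser,$master_account;

    // Only the last path segment is used for the lookup.
    // NOTE(review): a query string in $uri would become part of $page - confirm that
    // callers pass a script path only.
    $tokens = explode('/', $uri);
    $page = $tokens[sizeof($tokens)-1];

    $stmt = $mysqli->prepare("SELECT
        id,
        page,
        private
        FROM ".$db_table_prefix."pages
        WHERE
        page = ?
        LIMIT 1");
    $stmt->bind_param("s", $page);
    $stmt->execute();
    $stmt->bind_result($id, $page, $private);
    $pageDetails = array();
    while ($stmt->fetch()){
        $pageDetails = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $stmt->close();

    // NOTE(review): a page that is missing from the pages table is treated as public
    // (fail-open). New private pages stay reachable until they are registered.
    if (empty($pageDetails)){
        return true;
    }
    if ($pageDetails['private'] == 0) {
        return true;
    }
    if (!isUserLoggedIn())
    {
        header("Location: login.php");
        return false;
    }

    // Collect the permission ids allowed to view this page
    $stmt = $mysqli->prepare("SELECT
        permission_id
        FROM ".$db_table_prefix."permission_page_matches
        WHERE page_id = ?
        ");
    $stmt->bind_param("i", $pageDetails['id']);
    $stmt->execute();
    $stmt->bind_result($permission);
    $pagePermissions = array();
    while ($stmt->fetch()){
        $pagePermissions[] = $permission;
    }
    $stmt->close();

    if ($loggedInUser->checkPermission($pagePermissions)){
        return true;
    }
    // The master account bypass applies only when the setting exists
    if ($master_account !== null && $loggedInUser->user_id == $master_account){
        return true;
    }

    header("Location: account.php");
    return false;
}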
?>