1
イム上)(メンバ関数のbind_paramに呼び出しMYコードが準備文:致命的なエラー:mysqliのを使用して、非対象
<?php
function register_user(){
//Javascripts
?>
<script type='text/javascript'>
function alldone() {
$().toastmessage('showToast', {
text : 'You have been registered, please confirm your account',
sticky : true,
position : 'middle-center',
type : 'error',
closeText: '',
close : function() {
console.log("toast is closed ...");
}
});
}
function regdoneconfail() {
$().toastmessage('showToast', {
text : 'You have been registered, but could not be added to the database for confirmation. Please contact an admin',
sticky : true,
position : 'middle-center',
type : 'error',
closeText: '',
close : function() {
console.log("toast is closed ...");
}
});
}
function confsendfail() {
$().toastmessage('showToast', {
text : 'The confirmation mail could not be sent, please contact an admin to confirm your account',
sticky : true,
position : 'middle-center',
type : 'error',
closeText: '',
close : function() {
console.log("toast is closed ...");
}
});
}
function noreg() {
$().toastmessage('showToast', {
text : 'Your account could not be registered. Please contact an admin',
sticky : true,
position : 'middle-center',
type : 'error',
closeText: '',
close : function() {
console.log("toast is closed ...");
}
});
}
</script>
<?php
//no scripts
$noreg = 'Your account could not be registered. Please contact an admin';
$confsendfail = 'The confirmation mail could not be sent, please contact an admin to confirm your account';
$regdoneconfail = 'You have been registered, but could not be added to the database for confirmation. Please contact an admin';
$alldone = 'You have been registered, please confirm your account';
//Including the mysqli connect file
include 'includes/mysqli_connect_new.php';
//Loading up the security library
set_include_path(get_include_path().PATH_SEPARATOR."includes/secure/src");
spl_autoload_register('spl_autoload');
//Fireup the blowfish algorithm
$gen = new org\codeangel\security\passwords\DefaultPasswordGenerator;
//Setting error array
$action = array();
$action['result'] = null;
$text = array();
//Defining variables for ease of use
$name = mysqli_real_escape_string($friend_zone, $_POST['name']);
$username = mysqli_real_escape_string($friend_zone, $_POST['username']);
$password = mysqli_real_escape_string($friend_zone, $_POST['password']);
$repeatpassword = mysqli_real_escape_string($friend_zone,$_POST['repeatpassword']);
$email = mysqli_real_escape_string($friend_zone, $_POST['email']);
$security_question = 'wgat';
$security_answer = 'what';
$captcha = mysqli_real_escape_string($friend_zone, $_POST['captcha']);
$date = date("Y-m-d");
$user_level = 0;
$user_pattern = '/[^A-Za-z0-9]/';
$name_pattern = '/[^A-Za-z0-9 ]/';
//Check to see if empty
if(empty($name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in your name</div><br>'); }
if(empty($username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please tpye in a username of your choice</div><br>'); }
if(empty($email)){ $action['result'] = 'error'; array_push($text,'<div id="errors">you have to type in your email dude, its necessary!</div><br>'); }
if(empty($password)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in a password</div><br>'); }
if(empty($repeatpassword)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please repeat the password</div><br>'); }
if(empty($captcha)) { $action['result'] = 'error'; array_push($text,'<div id="errors">You need to type in the captcha answer</div><br>'); }
//Checking for invalid characters
if(!empty($username)){ if(preg_match($user_pattern, $username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Username contains invalid letters</div><br>'); } }
if(!empty($name)){ if(preg_match($name_pattern, $name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Name has invalid letters</div><br>'); } }
//Checking if the entered passwords are matching
if(!empty($password) && $repeatpassword){ if($password != $repeatpassword){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords do not match</div><br>'); } }
//checks length
if(!empty($username)){ if(strlen($username) < 6){ $action['result'] = 'error'; array_push($text,'<div id="errors">Username has to be more than 6 letters</div><br>'); } }
if(!empty($name)){ if(strlen($name) < 5){ $action['result'] = 'error'; array_push($text,'<div id="errors">Name has more than 5 letters</div><br>'); } }
if(!empty($password) && $repeatpassword){ if(strlen($password) < 7){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords needs to have more than 7 letters</div><br>'); } }
//Checks if email and username is taken or not!
//username
if(!empty($username)){
$username_check = $friend_zone->prepare("SELECT username FROM users WHERE username = ?");
$username_check->bind_param("s", $username);
$username_check->execute();
$username_check->store_result();
$username_rows = $username_check->num_rows;
if($username_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">Sorry, the username is already taken.</div><br>'); } }
//email
if(!empty($email)){
$email_check = $friend_zone->prepare("SELECT email FROM users WHERE email = ?");
$email_check->bind_param("s", $email);
$email_check->execute();
$email_check->store_result();
$email_rows = $email_check->num_rows;
if($email_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">The emain address is in use, Click <a href="forgot_password.php">here</a> if you forgot your password</div><br>'); } }
//Checking the captcha?
if(!empty($captcha)){
if($captcha != 'Marshall'){ $action['result'] = 'error'; array_push($text,'<div id="errors">The captcha answer you typed in is wrong!</div><br>'); } }
if($action['result'] != 'error'){
//encrypting using Cyth security library
$password = $gen->genPassword($password);
//$add = "INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES ('$name', '$username', '$password', '$email', '', '$date', '$user_level', '')";
//$result = mysqli_query($link, $add);
$register = $friend_zone->prepare("INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES(?, ?, ?, ?, ?, ?, ?, ?)");
$register->bind_param('sssssiis', $name, $username, $password, $email, $security_answer, $date, $user_level, $security_question);
if($register->execute()){
//Time to prepare a random key and add it to confirmation table ;P
$key = $username . $email . $date;
$key = sha1($key);
$user_info = $friend_zone->prepare("SELECT username, email FROM users WHERE username = ?");
$user_info->bind_param("s", $username);
$user_info->execute();
$user_info->bind_result($check_id, $check_email);
while($user_info->fetch()){
$user_id = $check_id;
$user_email = $check_email;
$confirm_add = $friend_zone->prepare("INSERT into CONFIRM(user_id, username, key) VALUES(?, ?, ?)");
$confirm_add->bind_param('iss', $user_id, $username, $key);
if($confirm_add->execute())
{
echo "Possibly awesome";
//Send the mail
$to = $user_email;
// subject
$subject = 'FreeFX Account Confirmation';
// message
$message ="
<html>
<head>
<title>Account confirmation</title>
</head>
<body>
<p>Hello $username, you need to confirm your account before you can start using the entire features of our website.<br>
<a href='www.likeageek.net/confirm.php?username=$username&key_code=$key'>CLICK HERE</a>to confirm your account</p>
<br>
<center>OR</center>
<a href='www.likeageek.net/confirm.php'>Click here</a> and enter the following details in<br>
<table>
Username : $username
<br>
Key : $key
<br>
</table>
</body>
</html>
";
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'To: $user_email; <$user_email;>' . "\r\n";
$headers .= 'From: FreeFX Dudes <[email protected]>' . "\r\n";
if (mail($to, $subject, $message, $headers)) {
echo "<script type='text/javascript'> alldone() </script> <noscript> $alldone </noscript>";
} else { echo "<script type='text/javascript'> confsendfail() </script> <noscript> $confsendfail </noscript>"; }
} else { echo "<script type='text/javascript'> regdoneconfail() </script> <noscript> $regdoneconfail </noscript>"; }
}
} else { echo "<script type='text/javascript'> noreg() </script> <noscript> $noreg </noscript>"; }
} else {
?>
<script type='text/javascript'>
function showstickyerror() {
$().toastmessage('showToast', {
text : '<?php echo implode($text); ?>',
sticky : true,
position : 'middle-center',
type : 'error',
closeText: '',
close : function() {
console.log("toast is closed ...");
}
});
}
showstickyerror();
</script>
<noscript>
<?php echo "<div class='wrapbg'>
<span class='corners-top'><span></span></span>
<div id='content'><br/>
Errors
<hr class='hr1'>
".implode($text)."
</div>
<span class='corners-bottom'><span></span></span>
</div>
";
?>
</noscript>
<?php
}
}
$です
fatal error: Call to a member function bind_param() on a non-object
テーブル名が小文字で、クエリで訂正されましたが、まだエラーが返されます –
これは、以前の 'prepare'メソッドがfalseを返した可能性が高い場合です。 '$ confirm_add'が実際にオブジェクトであることを確認しましたか? – Josh
そのブール(false) 私はなぜ、任意のアイデアを知っていないのですか? –