准备语句：致命错误：使用的mysqli准备语句调用一个成员函数bind_param（）非对象

Question

IM在和我有这个错误

fatal error: Call to a member function bind_param() on a non-object 

MY代码是

<?php 
function register_user(){ 

//Javascripts 
?> 
<script type='text/javascript'> 
     function alldone() { 
     $().toastmessage('showToast', { 
      text  : 'You have been registered, please confirm your account', 
      sticky : true, 
      position : 'middle-center', 
      type  : 'error', 
      closeText: '', 
      close : function() { 
       console.log("toast is closed ..."); 
      } 
     }); 

    } 


     function regdoneconfail() { 
     $().toastmessage('showToast', { 
      text  : 'You have been registered, but could not be added to the database for confirmation. Please contact an admin', 
      sticky : true, 
      position : 'middle-center', 
      type  : 'error', 
      closeText: '', 
      close : function() { 
       console.log("toast is closed ..."); 
      } 
     }); 

    } 

       function confsendfail() { 
     $().toastmessage('showToast', { 
      text  : 'The confirmation mail could not be sent, please contact an admin to confirm your account', 
      sticky : true, 
      position : 'middle-center', 
      type  : 'error', 
      closeText: '', 
      close : function() { 
       console.log("toast is closed ..."); 
      } 
     }); 

    } 

         function noreg() { 
     $().toastmessage('showToast', { 
      text  : 'Your account could not be registered. Please contact an admin', 
      sticky : true, 
      position : 'middle-center', 
      type  : 'error', 
      closeText: '', 
      close : function() { 
       console.log("toast is closed ..."); 
      } 
     }); 

    } 


</script> 

<?php 
//no scripts 
$noreg = 'Your account could not be registered. Please contact an admin'; 
$confsendfail = 'The confirmation mail could not be sent, please contact an admin to confirm your account'; 
$regdoneconfail = 'You have been registered, but could not be added to the database for confirmation. Please contact an admin'; 
$alldone = 'You have been registered, please confirm your account'; 
//Including the mysqli connect file 
include 'includes/mysqli_connect_new.php'; 
//Loading up the security library 
set_include_path(get_include_path().PATH_SEPARATOR."includes/secure/src"); 
spl_autoload_register('spl_autoload'); 
//Fireup the blowfish algorithm 
$gen = new org\codeangel\security\passwords\DefaultPasswordGenerator; 

//Setting error array 
$action = array(); 
$action['result'] = null; 
$text = array(); 

//Defining variables for ease of use 
$name = mysqli_real_escape_string($friend_zone, $_POST['name']); 
$username = mysqli_real_escape_string($friend_zone, $_POST['username']); 
$password = mysqli_real_escape_string($friend_zone, $_POST['password']); 
$repeatpassword = mysqli_real_escape_string($friend_zone,$_POST['repeatpassword']); 
$email = mysqli_real_escape_string($friend_zone, $_POST['email']); 
$security_question = 'wgat'; 
$security_answer = 'what'; 
$captcha = mysqli_real_escape_string($friend_zone, $_POST['captcha']); 
$date = date("Y-m-d"); 
$user_level = 0; 
$user_pattern = '/[^A-Za-z0-9]/'; 
$name_pattern = '/[^A-Za-z0-9 ]/'; 

//Check to see if empty 
if(empty($name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in your name</div><br>'); } 
if(empty($username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please tpye in a username of your choice</div><br>'); } 
if(empty($email)){ $action['result'] = 'error'; array_push($text,'<div id="errors">you have to type in your email dude, its necessary!</div><br>'); } 
if(empty($password)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please type in a password</div><br>'); } 
if(empty($repeatpassword)){ $action['result'] = 'error'; array_push($text,'<div id="errors">Please repeat the password</div><br>'); } 
if(empty($captcha)) { $action['result'] = 'error'; array_push($text,'<div id="errors">You need to type in the captcha answer</div><br>'); } 


//Checking for invalid characters 
if(!empty($username)){ if(preg_match($user_pattern, $username)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Username contains invalid letters</div><br>'); } } 
if(!empty($name)){ if(preg_match($name_pattern, $name)){ $action['result'] = 'error'; array_push($text,'<div id="errors">>Name has invalid letters</div><br>'); } } 

//Checking if the entered passwords are matching 
if(!empty($password) && $repeatpassword){ if($password != $repeatpassword){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords do not match</div><br>'); } } 

//checks length 
if(!empty($username)){ if(strlen($username) < 6){ $action['result'] = 'error'; array_push($text,'<div id="errors">Username has to be more than 6 letters</div><br>'); } } 
if(!empty($name)){ if(strlen($name) < 5){ $action['result'] = 'error'; array_push($text,'<div id="errors">Name has more than 5 letters</div><br>'); } } 
if(!empty($password) && $repeatpassword){ if(strlen($password) < 7){ $action['result'] = 'error'; array_push($text,'<div id="errors">Passwords needs to have more than 7 letters</div><br>'); } } 


//Checks if email and username is taken or not! 
//username 
if(!empty($username)){ 
$username_check = $friend_zone->prepare("SELECT username FROM users WHERE username = ?"); 
$username_check->bind_param("s", $username); 
$username_check->execute(); 
$username_check->store_result(); 
$username_rows = $username_check->num_rows; 

if($username_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">Sorry, the username is already taken.</div><br>'); } } 

//email 
if(!empty($email)){ 
$email_check = $friend_zone->prepare("SELECT email FROM users WHERE email = ?"); 
$email_check->bind_param("s", $email); 
$email_check->execute(); 
$email_check->store_result(); 
$email_rows = $email_check->num_rows; 

if($email_rows > 0){ $action['result'] = 'error'; array_push($text,'<div id="errors">The emain address is in use, Click <a href="forgot_password.php">here</a> if you forgot your password</div><br>'); } } 

//Checking the captcha? 
if(!empty($captcha)){ 
if($captcha != 'Marshall'){ $action['result'] = 'error'; array_push($text,'<div id="errors">The captcha answer you typed in is wrong!</div><br>'); } } 



if($action['result'] != 'error'){ 

//encrypting using Cyth security library 
$password = $gen->genPassword($password); 


//$add = "INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES ('$name', '$username', '$password', '$email', '', '$date', '$user_level', '')"; 
//$result = mysqli_query($link, $add); 
$register = $friend_zone->prepare("INSERT INTO users (name, username, password, email, security_answer, date, user_level, security_question) VALUES(?, ?, ?, ?, ?, ?, ?, ?)"); 
$register->bind_param('sssssiis', $name, $username, $password, $email, $security_answer, $date, $user_level, $security_question); 


if($register->execute()){ 

//Time to prepare a random key and add it to confirmation table ;P 
$key = $username . $email . $date; 
$key = sha1($key); 

$user_info = $friend_zone->prepare("SELECT username, email FROM users WHERE username = ?"); 
$user_info->bind_param("s", $username); 
$user_info->execute(); 
$user_info->bind_result($check_id, $check_email); 


while($user_info->fetch()){ 

$user_id = $check_id; 
$user_email = $check_email; 

$confirm_add = $friend_zone->prepare("INSERT into CONFIRM(user_id, username, key) VALUES(?, ?, ?)"); 
$confirm_add->bind_param('iss', $user_id, $username, $key); 

if($confirm_add->execute()) 
{ 
echo "Possibly awesome"; 
//Send the mail 

$to  = $user_email; 
// subject 
$subject = 'FreeFX Account Confirmation'; 

// message 
$message =" 
<html> 
<head> 
<title>Account confirmation</title> 
</head> 
<body> 
<p>Hello $username, you need to confirm your account before you can start using the entire features of our website.<br> 
<a href='www.likeageek.net/confirm.php?username=$username&key_code=$key'>CLICK HERE</a>to confirm your account</p> 
<br> 
<center>OR</center> 
<a href='www.likeageek.net/confirm.php'>Click here</a> and enter the following details in<br> 
<table> 
Username : $username 
<br> 
Key : $key 
<br> 
</table> 
</body> 
</html> 
"; 

// To send HTML mail, the Content-type header must be set 
$headers = 'MIME-Version: 1.0' . "\r\n"; 
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; 

// Additional headers 
$headers .= 'To: $user_email; <$user_email;>' . "\r\n"; 
$headers .= 'From: FreeFX Dudes <noreply@freefx.net>' . "\r\n"; 

if (mail($to, $subject, $message, $headers)) { 
    echo "<script type='text/javascript'> alldone() </script> <noscript> $alldone </noscript>"; 
} else { echo "<script type='text/javascript'> confsendfail() </script> <noscript> $confsendfail </noscript>"; } 

} else { echo "<script type='text/javascript'> regdoneconfail() </script> <noscript> $regdoneconfail </noscript>"; } 

} 

} else { echo "<script type='text/javascript'> noreg() </script> <noscript> $noreg </noscript>"; } 
} else { 


?> 
<script type='text/javascript'> 
     function showstickyerror() { 
     $().toastmessage('showToast', { 
      text  : '<?php echo implode($text); ?>', 
      sticky : true, 
      position : 'middle-center', 
      type  : 'error', 
      closeText: '', 
      close : function() { 
       console.log("toast is closed ..."); 
      } 
     }); 

    } 

     showstickyerror(); 
</script> 
<noscript> 
<?php echo "<div class='wrapbg'> 
<span class='corners-top'><span></span></span> 
<div id='content'><br/> 
Errors 
<hr class='hr1'> 
".implode($text)." 
</div> 
<span class='corners-bottom'><span></span></span> 
</div> 
"; 
?> 
</noscript> 
<?php 
} 

} 

$ confirmadd 是即时通讯有问题，我不知道为什么会发生这种情况。 我做了很多像这样的查询，他们都没有一个单一的错误工作。

Answer 1

首先，您应该将您的准备语句包装在一些错误处理中，以便您能够看到正在发生的事情以及MySQL显示的错误。 MySQL错误通常是相当丰富的，并告诉你在查询失败的位置（这通常有助于发现问题）。

在这种情况下，我相当确定这是导致问题的“关键”列。 “钥匙”是在MySQL意思reserved word，如果你把它作为列名，你需要将它包装在反引号

INSERT into CONFIRM (user_id, username, `key`) VALUES(?, ?, ?) 

但这样你就应该考虑重新命名列以及案件。