0

hi can someone check this section up for me as im getting a error from it after converting to mysqli
Fatal error: Call to a member function query() on a non-object in /home/matureco/public_html/config/db_connect.php on line 67

// find total message per user
if(! function_exists(unReadMsgCount) ) 
{
    function unReadMsgCount($id)
    {
        return $conn->query("select * from messages where rece_id='".$id."' and readflage = 0 and status=1")->num_rows;
    }
}

ty jan x

4
Contributors
4
Replies
19
Views
1 Year
Discussion Span
Last Post by diafol
0

from here hun

<?php
session_start();
include("config_global.php");

$conn       = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME) or die($mysqli->error);

$row            = $conn->query("select * from settings where id = '1' ")->fetch_array();
$site_name  = trim(stripslashes($row['site_name']));
$email      = trim($row['email']);
$keyword    = trim(stripslashes($row['keyword']));
$description= trim(stripslashes($row['description']));
$logo       = trim($row['logo']);
$copyright  = trim(stripslashes($row['copyright']));

$favicon    = trim($row['favicon']);
$paypal_email   = trim($row['paypal_email']);
1

Syntax for mysqli_query().

PS: Again, it seems that you don't listen to someone's suggestion about SQL injection. You don't prepare query but rather directly use it in database query...

Edited by Taywin

0

Yes, I think we've been here before. SQL Injection, trimming post-select instead of pre-insert.
Also use a 'LIMIT 1' clause in the SQL to stop MySQL from searching the rest of the table once it has found a hit.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.