Jump to content

Recommended Posts

Hi All.. I am just learning PHP and have ran into a problem. I am looking at some code for a friend that works with the county special olympics. A student did there website...Somethings have stopped work and he will not answer his email.

 

The interface is setup as an Admin Center. When you login and click on the Admin center link this error pops up:

 

Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/admin/admin.php on line 81

 

I have looked at the admin.php page and here is what is on line 81

if(!$session->isAdmin()){
header("Location: ../login.php");
}

Could someone nicely explain this to me. I am still learning Php. Thanks for all your help.

 

PS.

 

Here is the whole code:

<?
/**
* Admin.php
*
* This is the Admin Center page. Only administrators
* are allowed to view this page. This page displays the
* database table of users and banned users. Admins can
* choose to delete specific users, delete inactive users,
* ban users, update user levels, etc.
*
*/

/**
* displayUsers - Displays the users database table in
* a nicely formatted html table.
*/
function displayUsers(){
   global $database;
   $q = "SELECT username,userlevel,email,timestamp "
       ."FROM ".TBL_USERS." ORDER BY userlevel DESC,username";
   $result = $database->query($q);
   /* Error occurred, return given name by default */
   $num_rows = mysql_numrows($result);
   if(!$result || ($num_rows < 0)){
      echo "Error displaying info";
      return;
   }
   if($num_rows == 0){
      echo "Database table empty";
      return;
   }
   /* Display table contents */
   echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
   echo "<tr><td><b>Username</b></td><td><b>Level</b></td><td><b>Email</b></td><td><b>Last Active</b></td></tr>\n";
   for($i=0; $i<$num_rows; $i++){
      $uname  = mysql_result($result,$i,"username");
      $ulevel = mysql_result($result,$i,"userlevel");
      $email  = mysql_result($result,$i,"email");
      $time   = date("m/d/Y g:i A", mysql_result($result,$i,"timestamp"));

      echo "<tr><td>$uname</td><td>$ulevel</td><td>$email</td><td>$time</td></tr>\n";
   }
   echo "</table><br>\n";
}

/**
* displayBannedUsers - Displays the banned users
* database table in a nicely formatted html table.
*/
function displayBannedUsers(){
   global $database;
   $q = "SELECT username,timestamp "
       ."FROM ".TBL_BANNED_USERS." ORDER BY username";
   $result = $database->query($q);
   /* Error occurred, return given name by default */
   $num_rows = mysql_numrows($result);
   if(!$result || ($num_rows < 0)){
      echo "Error displaying info";
      return;
   }
   if($num_rows == 0){
      echo "Database table empty";
      return;
   }
   /* Display table contents */
   echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
   echo "<tr><td><b>Username</b></td><td><b>Time Banned</b></td></tr>\n";
   for($i=0; $i<$num_rows; $i++){
      $uname = mysql_result($result,$i,"username");
      $time  = date("m/d/Y g:i A", mysql_result($result,$i,"timestamp"));

      echo "<tr><td>$uname</td><td>$time</td></tr>\n";
   }
   echo "</table><br>\n";
}
   
/**
* User not an administrator, redirect to main page
* automatically.
*/
if(!$session->isAdmin()){
   header("Location: ../login.php");
}
else{
/**
* Administrator is viewing page, so display all
* forms.
*/
?>
<h1>Admin Center</h1>
<span style="color:#FF0000; font-size:16px;">
<b>::::::::::::::::::::::::::::::::::::::::::::</b></span>
<span style="color:#FF0000; font-size:16px;">Logged in as <b><? echo $session->username; ?></b></span><br><br>
Back to [<a href="../login.php">Main Page</a>]<br><br>
<?
if($form->num_errors > 0){
   echo "<span style=\"color:#FF0000; font-size:16px;\">"
       ."!*** Error with request, please fix</span><br><br>";
}
?>
<table align="left" border="0" cellspacing="5" cellpadding="5">
<tr><td>
<?
/**
* Display Users Table
*/
?>
<h3>Users Table Contents:</h3>
<?
displayUsers();
?>
</td></tr>
<tr>
<td>
<br>
<?
/**
* Update User Level
*/
?>
<h3>Update User Level</h3>
<? echo $form->error("upduser"); ?>
<table>
<form action="admin/adminprocess.php" method="POST">
<tr><td>
Username:<br>
<input type="text" name="upduser" maxlength="30" value="<? echo $form->value("upduser"); ?>">
</td>
<td>
Level:<br>
<select name="updlevel">
<option value="1">1
<option value="9">9
</select>
</td>
<td>
<br>
<input type="hidden" name="subupdlevel" value="1">
<input type="submit" value="Update Level">
</td></tr>
</form>
</table>
</td>
</tr>
<tr>
<td><hr></td>
</tr>
<tr>
<td>
<?
/**
* Delete User
*/
?>
<h3>Delete User</h3>
<? echo $form->error("deluser"); ?>
<form action="admin/adminprocess.php" method="POST">
Username:<br>
<input type="text" name="deluser" maxlength="30" value="<? echo $form->value("deluser"); ?>">
<input type="hidden" name="subdeluser" value="1">
<input type="submit" value="Delete User">
</form>
</td>
</tr>
<tr>
<td><hr></td>
</tr>
<tr>
<td>
<?
/**
* Delete Inactive Users
*/
?>
<h3>Delete Inactive Users</h3>
This will delete all users (not administrators), who have not logged in to the site<br>
within a certain time period. You specify the days spent inactive.<br><br>
<table>
<form action="admin/adminprocess.php" method="POST">
<tr><td>
Days:<br>
<select name="inactdays">
<option value="3">3
<option value="7">7
<option value="14">14
<option value="30">30
<option value="100">100
<option value="365">365
</select>
</td>
<td>
<br>
<input type="hidden" name="subdelinact" value="1">
<input type="submit" value="Delete All Inactive">
</td>
</form>
</table>
</td>
</tr>
<tr>
<td><hr></td>
</tr>
<tr>
<td>
<?
/**
* Ban User
*/
?>
<h3>Ban User</h3>
<? echo $form->error("banuser"); ?>
<form action="admin/adminprocess.php" method="POST">
Username:<br>
<input type="text" name="banuser" maxlength="30" value="<? echo $form->value("banuser"); ?>">
<input type="hidden" name="subbanuser" value="1">
<input type="submit" value="Ban User">
</form>
</td>
</tr>
<tr>
<td><hr></td>
</tr>
<tr><td>
<?
/**
* Display Banned Users Table
*/
?>
<h3>Banned Users Table Contents:</h3>
<?
displayBannedUsers();
?>
</td></tr>
<tr>
<td><hr></td>
</tr>
<tr>
<td>
<?
/**
* Delete Banned User
*/
?>
<h3>Delete Banned User</h3>
<? echo $form->error("delbanuser"); ?>
<form action="admin/adminprocess.php" method="POST">
Username:<br>
<input type="text" name="delbanuser" maxlength="30" value="<? echo $form->value("delbanuser"); ?>">
<input type="hidden" name="subdelbanned" value="1">
<input type="submit" value="Delete Banned User">
</form>
</td>
</tr>
</table>
</body>
</html>
<?
}
?>

 

Link to comment
https://forums.phpfreaks.com/topic/175054-php-object-error-problem/
Share on other sites

First off please use code tags (#)

 

by the looks of things the admin.php shouldn't be access directly

as $form, $database and $session are not set,

I'm going to take a guess but assume his forgot to include a common.php or functions.php or config.php file

if you can find a function called isAdmin()

function isAdmin(

then you could probably work out the code from their

Well I found the function in the sessions.php file:

/**
    * isAdmin - Returns true if currently logged in user is
    * an administrator, false otherwise.
    */
   function isAdmin(){
      return ($this->userlevel == ADMIN_LEVEL ||
              $this->username  == ADMIN_NAME);
   }

 

I found the Admin_Name located in the constants.php file. I changed it to my username with the correct Admin_level. Still trying to figure out the code and get it fixed. Still popping the same error.

 

What else would you like me to post that may help figure out the problem. Still learn the rope of php.. :) Thanks again for the help

 

okay, now does sessions.php have a lines that says.

include "constants.php";

or

require"constants.php";

 

it may also be include_once or require_once,

 

also see if you can find a file that includes "sessions.php" (same idea as above)

 

the reason i ask, is to try to get an idea of what type of setup is used,

for example he may of created a file called config.php that includes the above and calls the classes,

if you wish, you could upload the files here and i could have a quick look, (you require 10+ posts to upload last time i checked) but you could zip+ mail them if you like

Hi. I found a file called adminprocess.php that includes the sessions.php file.. Here it is:

 

<?
/**
* AdminProcess.php
* 
* The AdminProcess class is meant to simplify the task of processing
* admin submitted forms from the admin center, these deal with
* member system adjustments.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 15, 2004
*/
include("../include/session.php");

class AdminProcess
{
   /* Class constructor */
   function AdminProcess(){
      global $session;
      /* Make sure administrator is accessing page */
      if(!$session->isAdmin()){
         header("Location: ../login.php");
         return;
      }
      /* Admin submitted update user level form */
      if(isset($_POST['subupdlevel'])){
         $this->procUpdateLevel();
      }
      /* Admin submitted delete user form */
      else if(isset($_POST['subdeluser'])){
         $this->procDeleteUser();
      }
      /* Admin submitted delete inactive users form */
      else if(isset($_POST['subdelinact'])){
         $this->procDeleteInactive();
      }
      /* Admin submitted ban user form */
      else if(isset($_POST['subbanuser'])){
         $this->procBanUser();
      }
      /* Admin submitted delete banned user form */
      else if(isset($_POST['subdelbanned'])){
         $this->procDeleteBannedUser();
      }
      /* Should not get here, redirect to home page */
      else{
         header("Location: ../login.php");
      }
   }

   /**
    * procUpdateLevel - If the submitted username is correct,
    * their user level is updated according to the admin's
    * request.
    */
   function procUpdateLevel(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("upduser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ../index.php?mode=admin/admin");
      }
      /* Update user level */
      else{
         $database->updateUserField($subuser, "userlevel", (int)$_POST['updlevel']);
         header("Location: ../index.php?mode=admin/admin");
      }
   }
   
   /**
    * procDeleteUser - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeleteUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("deluser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ../index.php?mode=admin/admin");
      }
      /* Delete user from database */
      else{
         $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         $database->query($q);
         header("Location: ../index.php?mode=admin/admin");
      }
   }
   
   /**
    * procDeleteInactive - All inactive users are deleted from
    * the database, not including administrators. Inactivity
    * is defined by the number of days specified that have
    * gone by that the user has not logged in.
    */
   function procDeleteInactive(){
      global $session, $database;
      $inact_time = $session->time - $_POST['inactdays']*24*60*60;
      $q = "DELETE FROM ".TBL_USERS." WHERE timestamp < $inact_time "
          ."AND userlevel != ".ADMIN_LEVEL;
      $database->query($q);
      header("Location: ../index.php?mode=admin/admin");
   }
   
   /**
    * procBanUser - If the submitted username is correct,
    * the user is banned from the member system, which entails
    * removing the username from the users table and adding
    * it to the banned users table.
    */
   function procBanUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("banuser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ../index.php?mode=admin/admin");
      }
      /* Ban user from member system */
      else{
         $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         $database->query($q);

         $q = "INSERT INTO ".TBL_BANNED_USERS." VALUES ('$subuser', $session->time)";
         $database->query($q);
         header("Location: ../index.php?mode=admin/admin");
      }
   }
   
   /**
    * procDeleteBannedUser - If the submitted username is correct,
    * the user is deleted from the banned users table, which
    * enables someone to register with that username again.
    */
   function procDeleteBannedUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("delbanuser", true);
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ../index.php?mode=admin/admin");
      }
      /* Delete user from database */
      else{
         $q = "DELETE FROM ".TBL_BANNED_USERS." WHERE username = '$subuser'";
         $database->query($q);
         header("Location: ../index.php?mode=admin/admin");
      }
   }
   
   /**
    * checkUsername - Helper function for the above processing,
    * it makes sure the submitted username is valid, if not,
    * it adds the appropritate error to the form.
    */
   function checkUsername($uname, $ban=false){
      global $database, $form;
      /* Username error checking */
      $subuser = $_POST[$uname];
      $field = $uname;  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered<br>");
      }
      else{
         /* Make sure username is in database */
         $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
            !eregi("^([0-9a-z])+$", $subuser) ||
            (!$ban && !$database->usernameTaken($subuser))){
            $form->setError($field, "* Username does not exist<br>");
         }
      }
      return $subuser;
   }
};

/* Initialize process */
$adminprocess = new AdminProcess;

?>

 

Thanks for looking.

Ahh okay.. well this code

function procUpdateLevel(){
      global $session, $database, $form;

shows that $session, $database, $form are being used

 

So i am hoping session.php has all the parts we need :)

 

okay, is adminprocess.php in the same folder as admin.php

(assuming it is)

update the top part admin.php from

<?
/**
* Admin.php

to

<?php
include("../include/session.php");
/**
* Admin.php

and try that

Awesome..that fixed that part.. When that page finally came up all looked ok until I hit the go back to main page link then I got this:

 

Login

Username: <input type="text" name="user" maxlength="30" value="

Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 25

 

<?
if($session->logged_in){
   echo "<h1>Logged In</h1>";
   echo "Welcome <b>$session->username</b>, you are logged in. <br><br>"
       ."[<a href=\"userinfo.php?user=$session->username\">My Account</a>]   "
       ."[<a href=\"useredit.php\">Edit Account</a>]   ";
   if($session->isAdmin()){
      echo "[<a href=\"admin/admin.php\">Admin Center</a>]   ";
   }
   echo "[<a href=\"process.php\">Logout</a>]";
}else{
?>
<form action="process.php" method="POST">
<table width="75%" border="0" align="center" cellpadding="5" cellspacing="0">
      <tr>
        <th colspan="3">Login</th>
      </tr>
<? if($form->num_errors > 0){ ?>
      <tr>
        <td colspan="3"><?php echo "<span style=\"color:#FF0000; font-size:16px;\">".$form->num_errors." error(s) found</span>"; ?></td>
      </tr>
<?php } ?>
      <tr>
        <td width="60px">Username:</td>
        <td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>
        <td align="right"><? echo $form->error("user"); ?></td>
      </tr>
      <tr>
        <td width="60px">Password:</td>
        <td><input type="password" name="pass" maxlength="30" value="<? echo $form->value("pass"); ?>"></td>
        <td align="right"><? echo $form->error("pass"); ?></td>
      </tr>
      <tr>
        <td> </td>
        <td>
        <?php if(isset($_SESSION["referrer"])){ ?>
        <input type="hidden" name="referrer" value="<?php echo($_SESSION["referrer"]); ?>">
        <?php unset($_SESSION["referrer"]);} ?>
        <input type="hidden" name="sublogin" value="1"><input type="submit" value="Login"></td>
        <td align="right"><span style="color:#FF0000; font-size:16px;">[<a href="forgotpass.php">Forgot Password?</a>]</span></td>
      </tr>
    </table>
</form>
<?php } ?>

 

Line 25 is:

 

<td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>

 

It is probably right in frontof my face but I can't see it. Thanks for the great help and being patient with me.

Well, that took care of line 25 now once I made the change it says:

 

Login 
Username: <input type="text" name="user" maxlength="30" value="
Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 26

 

The code for line 26 is:

 

<td align="right"><? echo $form->error("user"); ?></td>

 

Boy, getting so close to getting this fixed

when you login, does the url end with login.php ?

it strange but it looks like sub-code..

 

in anycase

 

okay searching for a function called it maybe misleading,

 

so

1. you need to look for a file that contains code like this

 

$form = new something

 

the code probably include a file with the word form in the name, ie form.class.php

 

check the included file first but your looking for a file that has code like this

 

class something{

 

the something will be the same as from search 1

 

When I login it is at an admin page. Not the login.php page..That was just the way the site was setup.

Ok, I looked in the sessions.php file and at the bottom found:

 

/**
* Initialize session object - This must be initialized before
* the form object because the form uses session variables,
* which cannot be accessed unless the session has started.
*/
$session = new Session;

/* Initialize form object */
$form = new Form;

?>

 

Have not found the class yet.

 

 

ok I have found the form.php file that has the Call Form in it: Hope this helps.

 

<? 
/**
* Form.php
*
* The Form class is meant to simplify the task of keeping
* track of errors in user submitted forms and the form
* field values that were entered correctly.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 19, 2004
*/

class Form
{
   var $values = array();  //Holds submitted form field values
   var $errors = array();  //Holds submitted form error messages
   var $num_errors;   //The number of errors in submitted form

   /* Class constructor */
   function Form(){
      /**
       * Get form value and error arrays, used when there
       * is an error with a user-submitted form.
       */
      if(isset($_SESSION['value_array']) && isset($_SESSION['error_array'])){
         $this->values = $_SESSION['value_array'];
         $this->errors = $_SESSION['error_array'];
         $this->num_errors = count($this->errors);

         unset($_SESSION['value_array']);
         unset($_SESSION['error_array']);
      }
      else{
         $this->num_errors = 0;
      }
   }

   /**
    * setValue - Records the value typed into the given
    * form field by the user.
    */
   function setValue($field, $value){
      $this->values[$field] = $value;
   }

   /**
    * setError - Records new form error given the form
    * field name and the error message attached to it.
    */
   function setError($field, $errmsg){
      $this->errors[$field] = $errmsg;
      $this->num_errors = count($this->errors);
   }

   /**
    * value - Returns the value attached to the given
    * field, if none exists, the empty string is returned.
    */
   function value($field){
      if(array_key_exists($field,$this->values)){
         return htmlspecialchars(stripslashes($this->values[$field]));
      }else{
         return "";
      }
   }

   /**
    * error - Returns the error message attached to the
    * given field, if none exists, the empty string is returned.
    */
   function error($field){
      if(array_key_exists($field,$this->errors)){
         return "<span style=\"color:#FF0000; font-size:16px;\">".$this->errors[$field]."</span>";
      }else{
         return "";
      }
   }

   /* getErrorArray - Returns the array of error messages */
   function getErrorArray(){
      return $this->errors;
   }
};

?>

Well, after checking around a bit the statement below is wrong. I am still have the same error on this other page as before. When I put the

include(../sessions.php)

 

line in all it did was bump the code down and make the error on line #26. Sorry I did catch it earlier.

 

"Well, that took care of line 25 now once I made the change it says:

Login
Username: <input type="text" name="user" maxlength="30" value="
Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 26

"

 

 

I am still getting this error

 

Username: <input type="text" name="user" maxlength="30" value="

Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 25

 

with that line being:

 

 <td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>

:shrug:

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.