
Debug Help PHP /SQL Call member function*non-object in



From line 20 of inc_sql.php:

 

		@$this->dbconn = new mysqli($sqlhost, "USER", "PASS.", "DATABASE");

 

Where can we find the class mysqli? Why is there an error-suppressor in front of this? The plot thickens... we are close.

 

PhREEEk

I am using the newly formatted one; this is the same error.

 

I do not know why there is an error suppressor in front of that line, I inherited it that way.

I have searched all the existing pages for a mysqli class and do not see that. mysqli is a built-in class, right?

http://devzone.zend.com/node/view/id/686

Yes it is,

I am thinking it isn't the connection because this is only occurring on some of the errors in message.php. I also have no other issues with the site/connection to the database.

 

Those in the first switch statement

<?php switch ($_GET['error']) {
case "accountlocked":
	$data = "<h2>Your account has been locked due to invalid login attempts.</h2>Please call 1-800-967-7929 to have your account unfrozen.";
	break;

case "usernamemade":
	$data = "<h2>A username has already been set up for this account number.</h2>Click <a href='index.php'>here</a> to return to the homepage.";
	break;

case "usernamerouting":
	$data = "<h2>The account number (or username) that you have entered was the routing number instead of your intended account number or username.</h2>Click <a href='index.php'>here</a> to return to the homepage.";
	break;

case "newmemblank":
	$data = "<h2>Error: One or more fields in the membership application was left blank.</h2>Click your browser's 'back' button to fill in those fields.";
	break;

case "invalidticket":
	$data = "<h2>Error: Ticket does not exist or is no longer open.</h2>";
	break;

case "mcwdown":
	$data = $error_st."Home Banking is currently under maintenance. Please try again later. <br><br>".$error_end;
	break;

case "mcws1":

case "mcws2":
	$stage = preg_replace("/[^0-9]/", "",$_GET['error']);
	$data = $error_st."Home Banking is currently under maintenance. Please try again later. <br><br>Error: MCW unreachable at stage {$stage}".$error_end;
	break;

case "mcws3":
	$data = $error_st."Home Banking is currently under maintenance. Please try again later. <br><br>Error: MCW returned an error report".$error_end;
	break;

case "sqlserver":
	$data = $error_st."E-branch is currently under maintenance. Please try again later. <br><br>Error: SQL server down</b><br><br>We apologize for the inconvenience.";
	break;

case "sqlcmd":
	$data = $error_st."Error: An invalid SQL command was run.".$error_end;
	if($_GET['errno']=="2013") {
		$data = $error_st."Home Banking is currently under maintenance. Please try again later. We apologize for any inconvenience during this time.<br><br>Error: SQL-timeout".$error_end;
	}
	break;
}

 

This one works:

<?php 
switch ($_GET['added']) {
case "ad":
	$data = $submit_st."Your classified ad has been submitted and will be reviewed for posting.<br><a href='services_class.php'>Return to classified ads section.</a>";
	break;
}

I'm trying to figure out why $_GET['added'] works. In message.php, that function captures and displays a success message, but where is the actual ad posted (and then headered to message.php?added=ad)? I'd like to var_dump $dbc when the actual ad is saved to the database, which occurs before the code you posted.

 

PhREEEk

Another error works okay as well, the $_GET['change_un'] switch statement errors.

 

Maybe the problem is with the class_auth or inc_tether I am looking at those now and cleaning them up.

 

Here is the inc_tether, this is where some of the messages are generated that are NOT working.

 

<?php
if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) exit('This file can not be accessed directly...'); 
final class tether {
public $dir;
public $expire;
public $slot;
public $thedata;
public $membername;
private $content, $mcwdomain,$tetherpage,$mcwport;
public function __construct() {
$this->mcwport = 443;
$this->mcwdomain = "PATH";
//orig//$this->tetherpage = 'PATH';
$this->tetherpage = 'PATH'; 
//global $dbc;
//https://PATH 
//https://PATH", "r"); 
set_time_limit(11); ini_set('default_socket_timeout', "3"); 
///$GLOBALS['dbc']->dbconn->close();$GLOBALS['dbc']->dbconn="";unset($GLOBALS['dbc']);

//$hostip = @gethostbyname($this->mcwdomain); // resolves IP from hostname; returns hostname on failure
//if ($hostip == $this->mcwdomain) {header("Location: message.php?error=mcws1");exit;}// if the IP is not resolved

///$fp = @fsockopen($this->mcwdomain, $this->mcwport, $errno, $errstr, 4);$pulltest=fgets($fp,256);
///if (!$fp) {header("Location: message.php?error=mcws1");exit;} fclose($fp);$fp="";$pulltest="";

//if(!$this->content = @file_get_contents("http://www.smartftp.com/get/SFTPFTPLib.exe")){
if(!$this->content = @file_get_contents("https://".$this->mcwdomain.$this->tetherpage)){
$_COOKIE[session_name()] = array();session_destroy();header("Location: message.php?error=mcws1");exit;} 
///$GLOBALS['dbc'] = new DBI;
//echo "<xmp>".$this->content."</xmp>";
$this->expire=$this->toparse_input("MCWEXPIRATION");
$this->slot=$this->toparse_input("MCWASSIGNEDSLOT");
$this->dir=$this->toparse_input("MCWSYMDIR");
$this->drfaap=$this->toparse_input("___dr_faap_company_id___");
   }

private function toparse_input($nametag) {
//	$lookfor = '<INPUT TYPE="HIDDEN" NAME="'.$name.'" VALUE="';
  //   return $this->toparse($this->content, $lookfor, '">');
//preg_match('#<INPUT\W*TYPE\W*=\W*"HIDDEN"\W+NAME\W*=\W*"'.$name.'"\W*ID\W*=\W*"[^"]*"\W+VALUE\W*=\W*"([^"]*)"\W*>#i',$this->content,$matches);
preg_match("#<INPUT.*(?=name)name\W*=\W*[\"']{$nametag}[\"'].*(?=value)value\W*=\W*[\"']([^\"']*)#i",$this->content,$valuetag);
return $valuetag[1];
}


private function toparse($data, $lookfor, $end) {
$start = stripos($data, $lookfor);
$start = $start + strlen($lookfor);
$end = strpos($data, $end, $start);

$MCW=substr($data, $start, $end-$start);
return strip_tags($MCW);
}

public function vuser($username, $password) {
///$GLOBALS['dbc']->dbconn->close();unset($GLOBALS['dbc']);
$size    = 0;  // Bytes will be read (and display). 0 for read all
//$server  = 'IP';            // IP address
//$host    = 'DOMAIN;            // Domain name
$target  = '/VerifyLogin';        // Specific program

$posts = array ( '___dr_faap_company_id___' => $this->drfaap,'MCWTRANTYPE' => 'MCWLOGONFORM','MCWEXPIRATION' => $this->expire,
'MCWASSIGNEDSLOT' => $this->slot, 'MCWSYMDIR' => $this->dir, 'ACCOUNTNUMBER' => $username,
'PASSWORD' => $password, 'submitit' => 'continue', 'MCWSUBMIT' => 'Continue');
//$posts = array ( 'MCWTRANTYPE' => 'MCWLOGONFORM','___dr_faap_company_id___' => $this->dr_faap, 'ACCOUNTNUMBER' => $username,
//'PASSWORD' => $password, 'submitit' => 'continue', 'MCWSUBMIT' => 'Continue');

   foreach( $posts AS $name => $value ){
       $postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';
   }
   $postValues = substr( $postValues, 0, -1 );

$request  = "POST $target HTTP/1.1\r\n";
$request .= "Host: $host\r\n";
$lenght = strlen( $postValues );
$request .= "Content-Type: application/x-www-form-urlencoded\r\n";
$request .= "Content-Length: $lenght\r\n";
$request .= "\r\n";
$request .= $postValues;

   @$fp = fsockopen("ssl://".$this->mcwdomain, $this->mcwport, $errno, $errstr, 6);
   if (!$fp) {header("Location: message.php?error=mcws2");exit;}
   //echo "$errstr ($errno)<br />\n";
   fwrite($fp, $request); 
   while (!feof($fp)) { @$tdata.=fgets($fp, 4096); }
   fclose($fp);
  
$start = stripos($tdata, "<html");
$this->thedata = substr($tdata,$start);

$this->name = $this->toparse($this->thedata, "<FONT SIZE=+2 FACE=ARIAL,HELVETICA><B>", "</B>");
//echo $this->expire."<br>".$this->slot."<br>".$this->dir;
///$GLOBALS['dbc'] = new DBI;
return $this->thedata;
}


}

//##  test dir
///path  test mcw

//real
//https://path
//<INPUT TYPE="HIDDEN" NAME="MCWSYMDIR" VALUE="###">

FUNCTION checkuser($username, $password) {
global $input, $auth;
$GLOBALS['dbc']->dbconn->close();unset($GLOBALS['dbc']->dbconn);unset($GLOBALS['dbc']);
$tether = new tether(); $thedata = $tether->vuser($username, $password); 
if($thedata) $GLOBALS['dbc'] = new DBI;
$headers = 'From: [email protected]' . "\r\n" .
   'Reply-To: [email protected]';
//DEBUG//$qthedata = $dbc->quote_smart($thedata);
//DEBUG//$qry = sprintf("INSERT debug set account={$username},username='not list',password='{$password}',content=%s",$qthedata);
//DEBUG//if($username=="#####") $dbc->dbconn->query($qry);
if($username=="99999999") mail('[email protected]', "STAT - {$username}", $thedata,$headers); 
if(substr_count($thedata,"down for maintenance")) {header("Location:message.php?error=mcwdown");exit();}
if(substr_count($thedata,"frozen")>=1) {header("Location:message.php?error=accountlocked");exit();}

if(substr_count($thedata,"The account number or password you have entered is invalid") || substr_count($thedata,"/cgi-bin/mcw000.cgi?MCWSTART") || substr_count($thedata,"The account number or access code you have entered is invalid") || substr_count($thedata,"entered is invalid")) return "invalid";

if(substr_count($thedata,"TRANSAVINGSBALANC")) $_SESSION['membername'] = $tether->name;
if(substr_count($thedata,"Change Access Code") || substr_count($thedata,"Register Verification Questions") || substr_count($thedata,"challenge_question_table")) {return("mfa");}
if(substr_count($thedata,"TRANSAVINGSBALANC") || substr_count($thedata,"Change Access Code") || substr_count($thedata,"minimum password length") || substr_count($thedata,"Register Verification Questions") || substr_count($thedata,"challenge_question_table") || substr_count($thedata,"Click Continue below to continue into the system")) return "true";
//exit("<xmp>".$thedata."</xmp><br>Fall through Error. System may be down right now. Please try again later.");

mail('[email protected]', "Login Error - {$username}", $thedata,$headers); //this had an old address fixed this
exit('You have experienced an error, and the Administrator has been notified.<br><br><b>It may be temporarily down. Please try again in a few minutes.</b><br><a href="index.php">Back to home</a><br><br><a href="helplogin.php">Report Issue</a>');
return "error";
}
?>

  • 2 weeks later...

Here is the class_auth; I do not see anything wrong with this one. I cannot wait to put this to bed! :P

Within this file the "message.php?error=usernamerouting" error produces the same problem.

I really appreciate any help!! If you help me solve this I will have to send you a holiday gift!

<?php if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) exit('This file can not be accessed directly...'); 
require(realpath(dirname(__FILE__)."/inc_tether.php"));
$auth = new auth($input); 
$auth->checklogin();
final class auth {
private $key, $env, $input;
public $vtoken,$httpsloc;

public function __construct(&$input) {


$this->input =& $input;
///$this->dbc =& $dbc;
//$this->env = $_SERVER['HTTP_USER_AGENT'].$this->getip(); 
$this->env = $this->getip(); 
$this->vtoken = substr(md5($this->env), 0,20);
$this->key = MD5($this->env.date('my'));
//////session_name($this->vtoken); 
//session_set_cookie_params(time() + (60*15));

session_start();
//echo session_id()."<br>".$this->env;
//if(!$_SESSION['matrix']) exit("error");
$this->check_timeout();
}

public function check_timeout() {
if($_SESSION['timeout']!="" && ($this->isuser() || $this->isadmin()) && strpos($_SESSION['timeout'],":")===false ) {
//if($this->isuser()) $timeout = strtotime("+16 minute", strtotime($_SESSION['timeout']));
//if($this->isadmin()) $timeout = strtotime("+66 minute", strtotime($_SESSION['timeout']));
if(date('Hi') >= $_SESSION['timeout'] ) {
$_SESSION['timeout'] = "";header("Location: logoff.php?timeout=true");exit();
}
} 
if($this->isuser()) $_SESSION['timeout'] = date('Hi',strtotime("+16 minute"));
if($this->isadmin()) $_SESSION['timeout'] = date('Hi',strtotime("+66 minute"));
}

public FUNCTION isadmin() {
global $vtoken, $key;
if ($_SESSION['matrix'] == $this->encrypt("Helpdesk")) return "helpdesk";
if ($_SESSION['matrix'] == $this->encrypt("Admin")) return "admin";
if ($_SESSION['matrix'] == $this->encrypt("Ad Editor")) return "ad_editor";
return false; 
} 
public FUNCTION isuser() {
global $vtoken;
if ($_SESSION['node'] == $this->encrypt("user")) {
return true;
}
else return false;
} 

public FUNCTION can_delete_users() {
global $dbc;
$q = $GLOBALS['dbc']->sodata("Select special FROM staff WHERE username='".$this->getusername()."'");
if(preg_match("/delete_user/i",$q->special)) return true;
}

public FUNCTION getusername() {return trim($this->decrypt($_SESSION['username']));}
public FUNCTION getpassword() {return trim($this->decrypt($_SESSION['password']));} 
public FUNCTION lookup_username($account,$password) {
global $input;
$username=$account;
if (!$username || !is_numeric($username) || !$password || $this->isuser() || $this->isadmin()) {return "";exit();}

  if(strlen($username) >= 8 && preg_match("/^(8000)/",$username)) {
  $username = preg_replace("/^(8000)/","",$username);$username=substr($username,0,-1);
  }
  if($username=="272485767") {
  $dbc->dbconn->query($sql);
header("Location:message.php?error=usernamerouting");exit();
}

$result = $GLOBALS['dbc']->odata("Select username,account from usernames where account={$username}"); 
if(checkuser($username, $password)=="true") {
if($result->username) return $result->username;
if(!$result->username) return $username;
}
}

public FUNCTION checklogin() {
global $input,$pagename;
//$_COOKIE['timeout']==date('');
if($_GET['redirect'] && ($this->isuser() || $this->isadmin())) header("Location: ".$pagename.".php");
$username = trim($input->post->field('username')); 
$password = trim($input->post->password('password'));
$time = date('l dS of F Y h:i:s A');
//DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='Just checking (u:{$_SESSION['username']})(p:{$_SESSION['password']}): {$time}'");
if (!$username || !$password || $this->isuser() || $this->isadmin()) return "";
//DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='auth credit 1'");
//session_unset(); 
$_COOKIE[session_name()] = array();$_SESSION = array();session_destroy();
session_start();session_regenerate_id(true); 
$_SESSION['username']="";$_SESSION['matrix']="";$_SESSION['password']="";
if($username[0]=="$"){
$username=substr($username,1);
  while ($editor = $GLOBALS['dbc']->odata("SELECT * FROM staff")) {
   if($username == $editor->username && md5($password)==$editor->password){
   if($editor->retries > 3) exit("Account Locked");
   $_SESSION['matrix'] = $this->encrypt($editor->priv);
   $GLOBALS['dbc']->dbconn->query("UPDATE staff set retries=0 where username='{$username}'");
   $GLOBALS['dbc']->dbconn->query("INSERT user_logs set op='login', username='{$editor->name}',timestamp=NOW()");
   $_SESSION['username'] = $this->encrypt($username);$_SESSION['membername'] = $editor->name;
   } 
   elseif($username == $editor->username) {
   if($editor->retries > 3) exit("Account Locked");
   $GLOBALS['dbc']->dbconn->query("UPDATE staff set retries=retries+1 where username='{$username}'");
   }
   } $GLOBALS['dbc']->free();}

//DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='auth credit 2: passed admin'");

if(!$this->isadmin() && !$this->isuser()) { 

  if(is_numeric($username)) {
  if(strlen($username) >= 8 && preg_match("/^(8000)/",$username)) {
  $username = preg_replace("/^(8000)/","",$username);$username=substr($username,0,-1);
  }
  if($username=="272485767") {
  header("Location:message.php?error=usernamerouting");
  exit();
  }
  $qadd = " OR account={$username}"; 
  } 

  $result = $GLOBALS['dbc']->odata("Select username,account from usernames where username='{$username}'".$qadd); 
  //DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='auth result match username 3: {$result->account}=+={$result->username}'");
  if($result->account!=$result->username && $result->account==$username) {header("Location:message.php?error=usernamemade");exit();} 

($result->username.":qun=".$result->account.":qac=".$username."=".$password."=".checkuser($result->account, $password));
  if($result->username==$username) { 
  //DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='auth result match username 4: username does == ref username'");
   $tethering = checkuser($result->account, $password);
   if($tethering=="true") $this->makeuser($result->account,$password);
   if($tethering=="mfa") {
   $this->makeuser($result->account,$password);header("Location:homebanking.php");
   exit;
   }
  }
else { 
  $tethering = checkuser($username, $password);
  if($tethering=="true"){
  $this->makeuser($username,$password);header("Location:message.php?change_un=true");
  exit;
  }
  if($tethering=="mfa") {
  $this->makeuser($username,$password);header("Location:homebanking.php");
  exit;
  }
}
}
  
  if ($this->isadmin() || $this->isuser()) {
  //DEBUG//$dbc->dbconn->query("INSERT debug set username='{$username}',password='{$password}',content='Is logged in 5'");

  if($pagename!="helplogin") header("Location: ".$pagename.".php?redirect=".date('ymd')); 
  }

}

private function makeuser($username,$password) {

  $_SESSION['node'] = $this->encrypt("user");
  $_SESSION['username'] = $this->encrypt($username);
  $_SESSION['password'] = $this->encrypt($password);
}

private function encrypt($encrypt) {
   $key= $this->key;
   srand((double) microtime() * 1000000); //for sake of MCRYPT_RAND
   $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
   $passcrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $encrypt, MCRYPT_MODE_ECB, $iv);
   $encode = base64_encode($passcrypt);
return $encode;
}

private function decrypt($decrypt) {
   $key = $this->key; 
   $decoded = base64_decode($decrypt); 
   $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND); 
   $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_ECB, $iv); 
return $decrypted; 
}

Private function getip() {
if (isSet($_SERVER)) {
if (isSet($_SERVER["HTTP_X_FORWARDED_FOR"])) {
  $realip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} elseif (isSet($_SERVER["HTTP_CLIENT_IP"])) {
  $realip = $_SERVER["HTTP_CLIENT_IP"];
} else {
  $realip = $_SERVER["REMOTE_ADDR"];
}

} else {
if ( getenv( 'HTTP_X_FORWARDED_FOR' ) ) {
  $realip = getenv( 'HTTP_X_FORWARDED_FOR' );
} elseif ( getenv( 'HTTP_CLIENT_IP' ) ) {
  $realip = getenv( 'HTTP_CLIENT_IP' );
} else {
  $realip = getenv( 'REMOTE_ADDR' );
}
}
if (strstr($realip, ', ')) { 
   $ips = explode(', ', $realip); $realip = $ips[0]; 
}
return $realip;
}
}

?>
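An added example (not part of the original posts or the site's code) of the failure mode in the thread title: in lookup_username() above, `$dbc->dbconn->query($sql)` runs in a method that imports only `$input`, and checkuser() unsets `$GLOBALS['dbc']` and recreates it only when the tether call returns data. `DBI` and `FakeConn` here are constructed stand-ins, `db()` is a hypothetical helper, and PHP 7 or later is assumed so the error can be caught (PHP 5 stops with the fatal "non-object" error instead).

```php
<?php
// Added example, not the site's code. FakeConn and DBI are constructed
// stand-ins for the thread's DBI wrapper so this runs without a database.
final class FakeConn {
    public function query(string $sql): bool { return true; }
}
final class DBI {
    public $dbconn;
    public function __construct() { $this->dbconn = new FakeConn(); }
}

// Hypothetical helper: hand back a usable handle, recreating it if the
// global was unset or replaced by something that is not a DBI object.
function db(): DBI {
    if (!isset($GLOBALS['dbc']) || !($GLOBALS['dbc'] instanceof DBI)) {
        $GLOBALS['dbc'] = new DBI();
    }
    return $GLOBALS['dbc'];
}

// Case 1: same shape as lookup_username(). $dbc is never imported into
// this scope, so it is undefined here even though the global exists.
function query_without_global(): string {
    try {
        $dbc->dbconn->query("SELECT 1");
        return "ok";
    } catch (Error $e) {
        return $e->getMessage();
    }
}

// Case 2: same shape as checkuser(). The global is unset and then
// dereferenced before anything has recreated it.
function query_after_unset(): string {
    unset($GLOBALS['dbc']);
    try {
        $GLOBALS['dbc']->dbconn->query("SELECT 1");
        return "ok";
    } catch (Error $e) {
        return $e->getMessage();
    }
}

// Case 3: the guarded accessor survives the same unset.
function query_guarded(): string {
    unset($GLOBALS['dbc']);
    return db()->dbconn->query("SELECT 1") ? "ok" : "query failed";
}

$GLOBALS['dbc'] = new DBI();
foreach (['query_without_global', 'query_after_unset', 'query_guarded'] as $fn) {
    echo str_pad($fn, 22), ' => ', $fn(), PHP_EOL;
}
```

The warnings PHP prints before each caught error name the undefined variable, which is the diagnostic an `@` prefix or disabled error display hides.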

Sorry, have been onto so many other different things since this was a daily topic, that I've lost scope of where we are...

 

Is it possible to archive this file system and email it to me? Or is there a way to make possible temporary access to the server it resides on? That would be the easiest way at this point... We've pretty much exhausted the back and forth variable checks through the message board. I need to be able to very quickly do variable state checks and not wait days in between replies.

 

PhREEEk
