Rectangle 27 1

debugging Reference What does this error mean in PHP?


// ... some code using PDO
$statement = $pdo->prepare('invalid query', ...);
$statement->execute(...);

A typical example would be

Figure out why your function returned a boolean instead of an object. For example, check the $pdo object for the last error that occurred. Details on how to debug this will depend on how errors are handled for the particular function/object/class in question.

Happens with code similar to xyz->method() where xyz is not an object and therefore that method can not be called.

If even the ->prepare is failing then your $pdo database handle object didn't get passed into the current scope. Find where it got defined. Then pass it as a parameter, store it as property, or share it via the global scope.

In the example above, the query cannot be prepared and prepare() will assign false to $statement. Trying to call the execute() method will then result in the Fatal Error because false is a "non-object" because the value is a boolean.

Most often this is a sign that the code has missing checks for error conditions. Validate that an object is actually an object before calling its methods.

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


// ... some code using PDO
$statement = $pdo->prepare('invalid query', ...);
$statement->execute(...);

A typical example would be

Figure out why your function returned a boolean instead of an object. For example, check the $pdo object for the last error that occurred. Details on how to debug this will depend on how errors are handled for the particular function/object/class in question.

Happens with code similar to xyz->method() where xyz is not an object and therefore that method can not be called.

If even the ->prepare is failing then your $pdo database handle object didn't get passed into the current scope. Find where it got defined. Then pass it as a parameter, store it as property, or share it via the global scope.

In the example above, the query cannot be prepared and prepare() will assign false to $statement. Trying to call the execute() method will then result in the Fatal Error because false is a "non-object" because the value is a boolean.

Most often this is a sign that the code has missing checks for error conditions. Validate that an object is actually an object before calling its methods.

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


If this error occurred when your script was not doing memory-intensive work, you need to check your code to see whether there is a memory leak. The memory_get_usage function is your friend.

The first thing to do is to minimise the amount of memory your script needs. For instance, if you're reading a large file into a variable or are fetching many records from a database and are storing them all in an array, that may use a lot of memory. Change your code to instead read the file line by line or fetch database records one at a time without storing them all in memory. This does require a bit of a conceptual awareness of what's going on behind the scenes and when data is stored in memory vs. elsewhere.

There is not enough memory to run your script. PHP has reached the memory limit and stops executing it. This error is fatal, the script stops. The value of the memory limit can be configured either in the php.ini file or by using ini_set('memory_limit', '128 M'); in the script (which will overwrite the value defined in php.ini). The purpose of the memory limit is to prevent a single PHP script from gobbling up all the available memory and bringing the whole web server down.

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


Sometimes the wrong file or directory names are used, the fix is then to use the right ones.

The fix is normally to change the PHP configuration, the related setting is called open_basedir.

The warning itself does not break anything, but most often a script does not properly work if file-access is prevented.

This occurs most often on a shared host, people don't usually lock themselves out of directories :-)

This warning can appear with various functions that are related to file and directory access. It warns about a configuration issue.

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note
Rectangle 27 1

debugging Reference What does this error mean in PHP?


$query = "UPDATE `posts` SET my_text='I'm a PHP newbie' WHERE id=10';

@gladoscc Click "edit" and modify the answer. I am aware it can be improved.

An example of what not to do (the "Bad Idea"):

And when this query is sent to MySQL, it will complain that the syntax is wrong, because there is an extra single quote in the middle.

Escaping data before use in a SQL query is also very important because if you don't, your script will be open to SQL injections. An SQL injection may cause alteration, loss or modification of a record, a table or an entire database. This is a very serious security issue!

Or use a prepared sql query.

This code could be included in a page with a form to submit, with an URL such as http://example.com/edit.php?id=10 (to edit the post n10)

This error is often caused because you forgot to properly escape the data passed to a MySQL query.

To avoid such errors, you MUST always escape the data before use in a query.

What will happen if the submitted text contains single quotes? $query will end up with:

Note