This question already has an answer here:
I have the following problem.
This error persisting in accompanying me
Fatal error: Uncaught Error: Call to a member function fetchAll() on boolean in C:\xampp\htdocs\certificado\functions.php:49 Stack trace: #0 C:\xampp\htdocs\certificado\index.php(11): get_info_from_email('amanda_pandoka@...') #1 {main} thrown in C:\xampp\htdocs\certificado\functions.php on line 49
In the code below I can not understand the error. Can someone help me?
function connect() {
$socket = new PDO('mysql:host=' . @$host . ';dbname=' . @$nomedobancodedados,
@$usuario, @$senha);
$socket->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
return $socket;
}
function get_info_from_email($email) {
if (!$email)
return false;
global $db;
$sql = "
SELECT
id,
name,
email,
type,
data,
file
FROM
attendee
WHERE 1=1
AND email = '{$email}'
";
if ($info = $db->query($sql))
return false;
if ($info = $info->fetchAll())
return false;
return $info;
}
</div>
if ($info = $db->query($sql))
return false;
This says: if the result of $db->query($sql) can be stored in $info and is not something like false, null or an empty string or array, stop now and return false. So basically, if your query executes successfully and properly returns a PDOStatement with results in it, your function stops here.
if ($info = $info->fetchAll())
return false;
This is where you're getting the error. The fact that this code is reached at all means that the query failed to execute (otherwise, it would have returned false earlier). So basically, you're calling fetchAll() on false. Try to see what the error is here (do a print_r($db->errorInfo()); before this if-statement)
By the way, this if-statement will also cause your function to return false if the fetchAll() call was successful, which is probably not what you want. Additionally, by using $db->query() directly with the email address provided in the function call, you're leaving your code open to possible SQL injection attacks. As a rule, never trust any variable if you don't have 100% control over what's in it. You should use a prepared statement instead.
As another rule, always use curly braces on code blocks (if/elseif/else, for/foreach/while/do, try/catch/finally), because then you don't need to think about them anymore if you someday decide that the code block should do two things instead of one, and it's easier to debug code if you can visually see exactly what your code is trying to do.
This code (not tested) should work the way you want:
function get_info_from_email($email) {
if (!$email) {
return false;
}
global $db;
$stmt = $db->prepare("
SELECT
id,
name,
email,
type,
data,
file
FROM
attendee
WHERE 1=1
AND email = :email
");
// return false if the query cannot be executed
if (!$stmt->execute(array(':email' => $email))) {
return false;
}
// return false if there was an **error** retrieving the query results
if (($info = $stmt->fetchAll()) === false) {
return false;
}
return $info;
}
Continue like this
function get_info_from_email($email) {
if (!$email) {
return false;
}
global $db;
$sql = $db->prepare("
SELECT
id,
name,
email,
type,
data,
file
FROM
attendee
WHERE 1=1
AND email = :email
");
print_r($db->errorInfo());
// return false if the query cannot be executed
if (!$sql->execute(array(':email' => $info))) {
return false;
}
// return false if there was an **error** retrieving the query results
if (($info = $sql->fetchAll()) === false) {
return false;
}
return $info;
}