I tried checking many times, it still gives me this error. Actually I am trying to create a PHP file with the contents of $output in it.
<?php
include 'dbconfig.php';
$rand = $_GET['rand'];
$filename = $rand.".php";
$output = "<?php";
$output .="include '../dbconfig.php';";
$output .="$myself = basename(__FILE__, '.php'); ";
$output .="$query = mysqli_query($dbconfig,\"Select command from records where token = '$myself'\");";
$output .="if(mysqli_num_rows($query) > 0)";
$output .="{";
$output .="while($row=$query->fetch_assoc())";
$output .="{";
$output .="$command = $row[command];";
$output .="}";
$output .="echo 'exec $command endexec';";
$output .="}";
$output .="?>";
$file = fopen("puppet\$filename","w");
fwrite($file,$putput);
$check = "Select * from records where usertoken = $rand";
$check1 = mysqli_query($dbconfig,$check);
if(mysqli_num_rows($check1)== 0){
$ins = "Insert into records (usertoken)Values('$rand')";
if(mysqli_query($dbconfig,$ins)){
$success=true;
}
}else{
$success=false;
}
?>
I'm gonna go ahead and 'guess' that this is actually PHP trying to do the thing it does when it parses strings with double quotes. It will evaluate variables and stuff in the string when it runs.
Try single quoting the strings...
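<?php
include 'dbconfig.php';
// NOTE: $rand comes straight from the request and is used unvalidated
// in the file name and in the SQL below.
$rand = $_GET['rand'];
$filename = $rand.'.php';
// Single-quoted strings are not interpolated, so $myself, $query, etc.
// are written into the generated file literally.
$output = '<?php '; // the opening tag must be followed by whitespace
$output .='include \'../dbconfig.php\';';
$output .='$myself = basename(__FILE__, \'.php\'); ';
$output .='$query = mysqli_query($dbconfig, "Select command from records where token = \'$myself\'");';
$output .='if(mysqli_num_rows($query) > 0)';
$output .='{';
$output .='while($row=$query->fetch_assoc())';
$output .='{';
$output .='$command = $row[\'command\'];'; // quote the array key
$output .='}';
// Double quotes in the generated file, so $command is expanded when that file runs.
$output .='echo "exec $command endexec";';
$output .='}';
$output .='?>';
// "puppet\$filename" escapes the $ and would create a file literally named puppet$filename.
$file = fopen("puppet/$filename","w");
fwrite($file,$output);
fclose($file);
// Quote the token here as well, as the insert below already does.
$check = "Select * from records where usertoken = '$rand'";
$check1 = mysqli_query($dbconfig,$check);
if(mysqli_num_rows($check1)== 0){
    $ins = "Insert into records (usertoken)Values('$rand')";
    if(mysqli_query($dbconfig,$ins)){
        $success=true;
    }
}else{
    $success=false;
}
?>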
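The same generator with the request value kept out of both the file path and the SQL text, as an added example that is not part of the original question or answer. It assumes dbconfig.php sets $dbconfig to a mysqli connection and that tokens are 1 to 64 ASCII letters or digits, and valid_token() is a hypothetical helper. The nowdoc template also removes the quote escaping the answer works around, the generated file echoes the first matching row, and the file is only written for a new token.

```php
<?php
// Added example, not the poster's code. Assumes dbconfig.php sets $dbconfig to a
// mysqli connection and that tokens are 1-64 ASCII letters/digits (an assumption).
include 'dbconfig.php';

// Hypothetical helper: accept only the assumed token alphabet, so the value can
// never contain '/', '..', quotes or a NUL byte when it becomes a file name.
function valid_token($t): bool
{
    return is_string($t) && preg_match('/\A[A-Za-z0-9]{1,64}\z/', $t) === 1;
}

$rand = $_GET['rand'] ?? null;
if (!valid_token($rand)) {
    http_response_code(400);
    exit('invalid token');
}

// Nowdoc: nothing inside is interpolated, so no quote escaping is needed and
// no request data is ever copied into the generated source.
$output = <<<'PHP'
<?php
include '../dbconfig.php';
$myself = basename(__FILE__, '.php');
$stmt = $dbconfig->prepare('SELECT command FROM records WHERE token = ?');
$stmt->bind_param('s', $myself);
$stmt->execute();
$stmt->bind_result($command);
if ($stmt->fetch()) {
    echo "exec $command endexec";
}
PHP;

// Check for an existing row with a bound parameter, then insert the same way.
$stmt = $dbconfig->prepare('SELECT 1 FROM records WHERE usertoken = ?');
$stmt->bind_param('s', $rand);
$stmt->execute();
$stmt->store_result();
$success = false;
if ($stmt->num_rows === 0) {
    $ins = $dbconfig->prepare('INSERT INTO records (usertoken) VALUES (?)');
    $ins->bind_param('s', $rand);
    // 'x' mode fails if the file already exists instead of overwriting it.
    $file = $ins->execute() ? fopen(__DIR__ . "/puppet/$rand.php", 'x') : false;
    $success = $file !== false && fwrite($file, $output) !== false;
    if ($file !== false) { fclose($file); }
}
```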