I need help with 2 warnings and 6 notices.
Notice: Trying to get property of non-object in on line 11
Notice: Trying to get property of non-object in on line 28
Notice: Trying to get property of non-object in on line 29
Notice: Trying to get property of non-object in on line 30
Notice: Trying to get property of non-object in on line 31
Notice: Trying to get property of non-object in on line 33
Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'steamID' cannot be null in on line 34
I'm been trying to fix code for like 4 hours now and I just can't understand what the hell is going on...
<?php
require_once "../config.php";
require_once "../db.php";
if(!isset($_GET['secret']) || $_GET['secret'] != $config['bot_key_add']){
die("Access denied");
return;
}
$json = json_decode(file_get_contents("php://input"), false, 512, JSON_BIGINT_AS_STRING);
if((int)$json->userID ==)
return;
$weapon = urlencode($json->weapon);
$link = "http://steamcommunity.com/market/priceoverview/?currency=1&appid=730&market_hash_name=".$weapon;
$steam_price = file_get_contents($link);
$item_price = json_decode($steam_price, false, 512, JSON_BIGINT_AS_STRING);
if(empty($item_price) || $item_price->success == false || empty($item_price->median_price))
{
$price = 400;
}
else
{
$price = $item_price->median_price;
$price = str_replace("$" , "", $price);
$price = str_replace("$" , "", $price);
$price = round(str_replace(",",".",$price), 2);
}
$saveWeapon = $pdo->prepare("INSERT INTO `{$config['db_prefix']}users_items` (`steamID`, `classid`, `assetid`, `weapon_name`, `price`, `float`) VALUES (:steamId , :classid , :assetid , :weaponName , :price, :float)");
$saveWeapon->execute([ ":steamId" => $json->userID,
":classid" => $json->classid,
":assetid" => $json->assetid,
":weaponName" => $json->weapon,
":price" => $price,
":float" => $json->color
]);
?>
Basically your file_get_contents("php://input") doesnt return a file object, so rest is failing (all the warnings) due to missing file object. So "file_get_contents" can't open the correct file and steam is answering with error. Rest is a follow up error.
You can avoid this by checking and sanitizing the input to your script and abort if check fail.
It looks like your json decode is failing. The lines where you're getting the Notices are where you're trying to treat $json as an object.
Per http://php.net/manual/en/function.json-decode.php , when json decode fails it returns null, which you can't treat as an object.
I suggest sticking some error checking after the json decode, with http://php.net/manual/en/function.json-last-error-msg.php
if($json === null) {
throw new Exception(json_last_error_msg());
}
Note that if you're on php prior to 5.5.0, you'll need to define that function (from that function reference)
if (!function_exists('json_last_error_msg')) {
function json_last_error_msg() {
static $ERRORS = array(
JSON_ERROR_NONE => 'No error',
JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
JSON_ERROR_STATE_MISMATCH => 'State mismatch (invalid or malformed JSON)',
JSON_ERROR_CTRL_CHAR => 'Control character error, possibly incorrectly encoded',
JSON_ERROR_SYNTAX => 'Syntax error',
JSON_ERROR_UTF8 => 'Malformed UTF-8 characters, possibly incorrectly encoded'
);
$error = json_last_error();
return isset($ERRORS[$error]) ? $ERRORS[$error] : 'Unknown error';
}
}
You get 400 Bad Request while try to file_get_contents():
$link = "http://steamcommunity.com/market/priceoverview/?currency=1&appid=730&market_hash_name=".$weapon;
$steam_price = file_get_contents($link);
And then you try to json_decode this response and your $item_price will be null. Second warning because your INSERT try to add row with all null fields but steamID cannot be null