Undefined variable: mysqli , Fatal error: Call to a member function escape_string() on null

Question

I want to make login and register form for my web. Whenever I click on login page, seems that I have an error :

Undefined variable: mysqli and Fatal error: Call to a member function escape_string() on null

and here is my coding for login page:

<?php
/* User login process, checks if user exists and password is correct */

// Escape email to protect against SQL injections

$email = $mysqli->escape_string($_POST['email']);
$result = $mysqli->query("SELECT * FROM login WHERE email='$email'");

if ( $result->num_rows == 0 ){ // User doesn't exist
$_SESSION['message'] = "User with that email doesn't exist!";
header("location: error.php");
}
else { // User exists
$user = $result->fetch_assoc();

if ( password_verify($_POST['password'], $user['password']) ) {

    $_SESSION['email'] = $user['email'];
    $_SESSION['first_name'] = $user['first_name'];
    $_SESSION['last_name'] = $user['last_name'];
    $_SESSION['active'] = $user['active'];

    // This is how we'll know the user is logged in
    $_SESSION['logged_in'] = true;

    header("location: profile.php");
}
else {
    $_SESSION['message'] = "You have entered wrong password, try again!";
    header("location: error.php");
}
 }

The error was on:

$email = $mysqli->escape_string($_POST['email']);

Need some help to discover this error.

So where are you defining `$mysqli`? – Mark Baker May 05 '17 at 23:28 — Mark Baker, May 05 '17 at 23:28

score 0 · Accepted Answer · answered May 05 '17 at 23:32

the problem is with $mysqli not with escape_string because $mysqli is not defined
by the way here is a way de declare $mysqli

$mysqli = mysqli_connect("localhost","my_user","my_password","my_db");

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

Undefined variable: mysqli , Fatal error: Call to a member function escape_string() on null

1 Answers1