MySQL within classes causing frustration

Question

I have this code:

<?php 

class guildData {

    public $email = NULL;
    public $hash_pw = NULL;
    public $user_id = NULL;
    public $clean_username = NULL;
    public $display_username = NULL;

    public function selectGuild($g_id)
    {
            global $db,$db_table_prefix;

            $this->g_id = $g_id;

            $sql = "SELECT
                            name
                            FROM
                            guild
                            WHERE
                            id = '".$g_id."'";

            $result = $db->sql_query($sql);

            $row = $db->sql_fetchrow($result);

            return ($row['name']);
    }
}
?>
<?php echo $guildData->selectGuild(1); ?>

I'm simply getting a 500 error and IDEone gave me this also:

Fatal error: Call to a member function selectGuild() on a non-object in /home/VT00Ds/prog.php on line 32

I can not see the error, can you help me?

Answer 1

You are doing it wrong.

1. Get rid of the global variables. Instead , if the class needs DB access , then you should inject it in the constructor:

   class GuildData
   {
       //  ... snip 
   
       protected $connection;
   
       public function __construct( PDO $connection )
       {
           $this->connection = $connection;
       }
   
       //  ... snip 
   }
   

2. Your code has potential for SQL injections. Instead of concatenating the query, you should use prepared statements:

   $statement = $this->connection->prepare(
                   'SELECT name FROM guild WHERE id = :id'
                );
   $statement->bindParam( ':id', $this->g_id, PDO::PARAM_INT );
   if ( $statement->execute() )
   {
       $data = $statement->fetch( PDO::FETCH_ASSOC );
   }
   

3. You have to instantiate object, before you can use them:

   $pdo = new PDO('mysql:host=localhost;dbname=myMagicalDB;charset=UTF-8', 
                  'username', 'password');
   $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
   $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
   
   $guild = new GuildData( $pdo );
   $guild->selectGuild(42);
   

4. You might consider separating the part with deals with DB from the domain logic. Essentially letting some other class to handle the fetching and storing the data, while the Guild class manages the logic. You might find this and this answer relevant.

5. Do not use public variables. You are breaking the encapsulation of the object by directly exposing the internal data. Instead you should define them as protected or private.

   You might also take a hard look at what you are actually keeping there. Why does GuildData need $hash_pw or $clean_username ?

Answer 2

You haven't instantiated $guildData. If you want to use this method without instantiating an object, the method should be static.

class guildData {
    public static function selectGuild($g_id) { ... }
}

Then you can call it from

echo guildData::selectGuild(1);

Otherwise, you need to instantiate an object

$guildData = new GuildData();

echo $guildData->selectGuild(1);

Also, you should have some sort of __construct() method in there, in order to set up your member variables.

UPDATE I also noticed an error in your selectGuild() method:

$this->g_id = $g_id;

Sets the value of g_id, which is not defined as a member variable in the class. You must declare g_id as a member variable in your class definition:

class guildData {
    public $email = NULL;
    public $hash_pw = NULL;
    public $user_id = NULL;
    public $clean_username = NULL;
    public $display_username = NULL;

    public $g_id = NULL;

    .
    .
    .

}

Finally, sql_query() is not a PHP method that I've ever heard of. Unless you're using a library that defines these methods, I think you mean mysql_query(). If this is the case, you should stop using mysql_* functions. They're being deprecated. Instead use PDO (supported as of PHP 5.1) or mysqli (supported as of PHP 4.1). If you're not sure which one to use, read this SO article.