← Back to glossary

Null Reference Errors

php PHP 5.0+ Beginner

Also Known As

null pointer null reference Call to member function on null NullPointerException nullsafe operator null check

TL;DR

Errors caused by calling methods or accessing properties on null — PHP's 'Call to a member function X() on null' and JavaScript's 'Cannot read properties of null' are the most common runtime errors in both languages.

Explanation

A null reference error occurs when code assumes a variable holds an object but it holds null instead. In PHP: $user->getName() when $user is null throws 'Call to a member function getName() on null'. Common causes: database queries that return null when no record is found (User::find($id) returns null if the user does not exist); optional relationships not loaded; functions that return null on failure without signalling this in the type signature. Solutions: null checks (if ($user !== null)); nullsafe operator (PHP 8.0+: $user?->getName()); strict return types and null coalescing ($user ?? throw new NotFoundException()); using findOrFail() in Eloquent which throws ModelNotFoundException instead of returning null. In JavaScript: optional chaining (user?.name) prevents the error. PHP 8.0's nullsafe operator (?->) chains method calls that short-circuit to null if any step is null.

Common Misconception

✗ Checking for null everywhere with if ($x !== null) is the correct defensive approach. Null checks scattered throughout code indicate a design problem — the question is why the value can be null at that point. The better approach is to make nullability explicit in type signatures (function findUser(): ?User), handle null at the boundary where it enters the system (throw early if required data is missing), and use PHP 8's nullsafe operator for optional chains. Defensive null checks deep in business logic hide the real issue.

Why It Matters

Null reference errors are the most frequent runtime error in PHP applications. They appear when a database record is not found, an optional field is unset, or a service returns null on failure. Understanding where null comes from and handling it at the correct layer — the data access layer, not scattered throughout business logic — produces more robust code. PHP 8's nullsafe operator (?->) makes null-safe chains readable without nested if-blocks.

Common Mistakes

Using User::find($id) without checking for null — use findOrFail($id) to throw an exception, or check $user !== null before use.
Accessing relationship properties without checking if the relationship is loaded — $post->author->name throws if author is null (no related record).
Not declaring return types as nullable (?User) when a function can return null — the type signature should communicate nullability.
Suppressing the error with @ instead of handling it — @$user->name silences the error but the variable is still null and the behaviour is undefined.

Code Examples

✗ Vulnerable

// No null check — throws on missing user
$user = User::find($id);
echo $user->getName(); // 'Call to member function on null'

// Nested null checks — verbose and easy to miss
if ($user !== null) {
    if ($user->getProfile() !== null) {
        echo $user->getProfile()->getAvatar();
    }
}

✓ Fixed

// findOrFail throws ModelNotFoundException — handled centrally
$user = User::findOrFail($id);
echo $user->getName(); // safe — exception if not found

// PHP 8 nullsafe operator — chains short-circuit to null
echo $user?->getProfile()?->getAvatar() ?? 'default-avatar.png';

// Eloquent: fail fast at the data layer
try {
    $order = Order::findOrFail($orderId);
} catch (ModelNotFoundException $e) {
    return response()->json(['error' => 'Order not found'], 404);
}

References

↗ https://www.php.net/manual/en/language.oop5.nullsafe.php