mysql - PHP DB connection and password verification

34

I have three errors

Warning: mysqli_stmt::fetch() expects exactly 0 parameters, 1 given in /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php on line 20

Notice: Trying to get property of non-object in /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php on line 23

Notice: Trying to get property of non-object in /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php on line 23

Here is my code

<?php 
require_once 'includes/constants.php';
class mysql{
    private $conn;

    function __construct(){
        $this->conn = $conn = new MySQLi(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME)
            or die ('There was an error in the connection');
        }

    function verify ($un, $pwd){


            $username = $un;
            $password = $pwd;
            if ($sth = $this->conn->prepare("SELECT pass FROM User WHERE username = '".$un."' LIMIT 1")) {
            $sth->execute();

            $user = $sth->fetch(PDO::FETCH_OBJ);

            // Hashing the password with its hash as the salt returns the same hash
            if (crypt($password, $user->hash) == $user->hash) {
              return true;
            } else { 

                return false; }

            }//end of if;

        }//end of verify

    }//enfd of class

Just trying to get pass and return true if its the same or false if not

Thanks

286

Answer

Solution:

Like many, many, many other php users, you are confusing 2 totally different APIs - mysqli and PDO.

Please, choose one, namely PDO, and make your code consistent with it.

Here goes the code with all the useless stuff taken out,
yet with proper things, namely prepared statements, added:

function verify ($un, $pwd)
{
    $sql = "SELECT pass FROM User WHERE username = ?"
    $sth = $this->conn->prepare($sql);
    $sth->execute(array($un));
    $pass = $sth->fetchColumn();
    return (crypt($pwd, $pass) == $pass);
}

but note that this function ofverify should not be a method ofmysql class

People are also looking for solutions to the problem: php - PHPExcel: After saving file, returning broken worksheet

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.