Jump to content

phreak3r

Members
  • Content count

    64
  • Joined

  • Last visited

Community Reputation

1 Neutral

About phreak3r

  • Rank
    Regular Member
  1. phreak3r

    PDO: Problem with login system

    Nevermind, Kev, I sorted it out.
  2. phreak3r

    PDO: Problem with login system

    Yeah, this is pretty frustrating. I do not like how things are so split up like that. I prefer to have: if ($row && password_verify($password, $row['password'])) {} But that doesn't work either, I went from fixing things to breaking them again.
  3. phreak3r

    PDO: Problem with login system

    I sort of understand, I took away or changed whatever I had as $result in order to get the PDO working, well...sort of working. So, with just if ($row) {} else {} there should be no need for if ($row == 1 && password_verify($password, $row['password'])) {}? At least that is what I am getting from this...
  4. phreak3r

    PDO: Problem with login system

    Nevermind, $row is now printing out the array. But, still not logging in properly.
  5. phreak3r

    PDO: Problem with login system

    Welp, $row is not printing anything out at all.
  6. I have been converting parts of my codebase over from procedural MySQLi to PDO. I have had trouble at the moment, I am being hit with an 'incorrect password or username" error, when I know that I am for a face using the correct username and password. Anything funny looking here? <?php include('header.php'); require('dbcon/dbcon.php'); // if fields in form are set and submitted, check if user exists and is logged in or not if ($_SERVER['REQUEST_METHOD'] == 'POST') { $databaseClass = new Database; $dbconnect = $databaseClass->connectToDatabase(); $username = $_POST['username']; $password = $_POST['password']; $stmt = $dbconnect->prepare("SELECT * FROM profile0 WHERE username = :username"); $stmt->bindParam(':username', $username); $stmt->execute(); $count = $stmt->fetchColumn(); $row = $stmt->fetch(PDO::FETCH_ASSOC); //$row = $stmt->fetch(PDO::FETCH_ASSOC); // if username and password match, init session and redirect to another page. if ($row == 1 && password_verify($password, $row['password'])) { $_SESSION['logged_in_user'] = $username; // set to IDnum later on... $_SESSION['username'] = $username; // check if the user is logged in // if so, redirect to main page for logged-in users. if (isset($_SESSION['logged_in_user'])) { $_SESSION['logged_in_user'] = TRUE; header('Location: main.php'); } else { // not logged in, keep on same page... session_destroy(); exit(); } } else if ($username != $row['username'] || $password != $row['password']) { echo "Incorrect username or password."; } } // test var_dump($username); var_dump($password); ?>
  7. phreak3r

    Call to a member function query() on null

    Okay, thank you!
  8. phreak3r

    Call to a member function query() on null

    Ah, well, I am still new to this. But, okay, I guess I will just start using and learning PDO. The answer isn't much help to me, but thanks?
  9. The code is a bit of a mess. I am trying to convert this procedural code to OO style. I have already done so in the dbcon/dbcon.php class, however, I am trying to get the database connected and working to retrieve information from the database. I am being given an "Call to a member function query() on null" error. Any help? I have sort of started converting the channel/channel.php class over to OO style. I am new to doing things in the object-oriented format, I have preferred procedural, but it will only make things easier in the future to start re-writing the codebase in an object oriented format. Thanks for the assistance! Code for dbcon.php: <?php define('HOST', 'localhost'); define('USERNAME', 'root'); define('PASSWORD', '1234'); define('DATABASE_NAME', 'soapbox'); class databaseAccess { //mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); public $conn; function __construct() { $this->connectToDatabase(); } // connection to database function connectToDatabase() { //mysqli::select_db(DATABASE_NAME); $this->conn = new mysqli(HOST, USERNAME, PASSWORD, DATABASE_NAME); } /*if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } else { echo "Connection successful!"; } if (!mysqli_select_db($conn, $database)) { echo " Database not selected!"; } else { echo " Database selected!"; }*/ } ?> Code for channel.php: <!-- TODO: - Move elements to separate stylesheet --> <?php include('../header.php'); require('../dbcon/dbcon.php'); include('../functions.php'); isLoggedIn(); $dbcon = new databaseAccess(); $conn = $dbcon->connectToDatabase(); $sql = "SELECT avatar, bio, account_open_date, user_id from profile0 WHERE username = '". $_SESSION['username'] . "' "; $result = $conn->query($sql); $row = mysqli_fetch_assoc($result); $userID = $row['user_id']; $url = "/soapbox/"; $avatar = $row['avatar']; $bio = $row['bio']; $join_date = date('F j, Y', strtotime($row['account_open_date'])); $username = $_SESSION['username']; $sql = "SELECT video_id, thumbnail, video_title from videos0 WHERE uploader='$username'"; $result = mysqli_query($conn, $sql); $num = mysqli_num_rows($result); ?>
  10. phreak3r

    Any problems with this code?

    Sorry, ran out of time to edit the first post... if (is_uploaded_file($fileName) && is_uploaded_file($thumbnailImageName) && !empty($videoTitle)) { $sql = "INSERT into videos0 (uploader, video, thumbnail, video_title, video_desc) VALUES ('$username', '$fileDestination', '$thumbnailImageDestination', '$videoTitle', '$videoDesc')"; $result = mysqli_query($conn, $sql); header('Location: /soapbox/upload.php?success'); } else { echo "Empty fields!"; var_dump($file); var_dump($thumbnailImageFile); var_dump($videoTitle); }
  11. phreak3r

    Any problems with this code?

    -It was just a size that I guessed, it was bigger and allowed me to upload some test thumbnails during the time. -Yeah, I am working on a system for that. But, in what context do you mean clean up the thumbnails? -I will put separators back into the thumbnail file name. -That particular function only accepts strings as parameters, not arrays. I tried with the array, did not work. -I do not quite understand this one. So, even if errors are given out, you can still upload a video if you have a video, thumbnail, and title? -Overwriting the video file? I did not know I did that.. - Yeah, it is just a test for now, but will be fixed in a matter of time. Erm...Thank You!?
  12. phreak3r

    Any problems with this code?

    Yeah, there is a lot of cleaning up I have to do. Here's the particular excerpt: https://hastebin.com/awekisanuf.bash
  13. Aside from the lack of security against SQL injection attacks, is there any other issue with this code? I cannot seem to get files to upload to the server anymore. I am being prompted with some var_dumps and the message I echoed out in the else part of the if-else statement at the bottom of this script. I have tried using isset, empty, and is_uploaded_file functions for the if-else statement at the bottom, nothing seems to work. If you remove the if-else statement, the code works, but I put the if-else statement there to prevent empty forms and missing fields from being submitted. Here's a hastebin link to the script: https://hastebin.com/denorunera.xml
  14. phreak3r

    Linking Users To Correct Videos

    Nevermind, I figured out your suggestion. Thank you!
  15. phreak3r

    Linking Users To Correct Videos

    Not sure what you mean by the first one. I see why the usage of IDs are recommended, I will get to it. Thank You! EDIT: I am not using IDs at the moment.
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.