shan Posted October 5, 2015 Share Posted October 5, 2015 (edited) recently i changed my password for my mysql DB and after that the class method for the login form seems to be not working pl help me. And it doesn't throw up any errors too. the code in dbconfig.inc.php where the class is initiated is as follows: <?php session_start(); $host="localhost"; $dbName="project"; $dbUname="root"; $dbPass="*****"; try { $conn=new PDO("mysql: host=$host;dbname=$dbName; charset=utf8", $dbUname, $dbPass); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { $e->getMessage(); } require_once 'classes.inc.php'; $project= new projecteg($conn); the login logic script page is as follows:(i tried to var_dump user its not working) <?php include_once 'dbconfig.inc.php'; if (isset($_POST['submit-login'])) { $uname= htmlentities($_POST['unamel']); $unamel= stripslashes($uname); echo "$unamel"; $pass= htmlentities($_POST['passl']); $pass1= stripslashes($pass); echo $pass1; $passl= md5($pass1); $user = $project->viewProtectedArea($unamel,$passl); print_r($user); if (isset($user)) { $_SESSION['id']=$user['user_id']; $_SESSION['fname']=$user['fname']; $_SESSION['lname']=$user['lname']; $_SESSION['uname']=$user['uname']; $_SESSION['email']=$user['email']; $_SESSION['phone']=$user['phone']; $_SESSION['app']=TRUE; $user_ok=TRUE; header("location: ../home.php?u={$_SESSION['uname']}"); } else { header("location: ../index.php?nosession"); } } /* if (isset($_SESSION['app'])&&$_SESSION['uname']!="") { header("location: ../home.php?u=".$_SESSION['uname']); } else { header("location: ../index.php?usernotfound?id=017"); } */ the class method logic is as follows: public function viewProtectedArea($unamel,$passl) { try { $active='1'; $stmth= $this->_db->prepare("select * from user where uname=:uname and pass=:pass and activated={$active}"); $stmth->bindparam(":uname",$unamel); $stmth->bindparam(":pass",$passl); $stmth->execute(); return $stmth->fetch(PDO::FETCH_ASSOC); } catch (PDOException $exc) { $exc->getMessage(); return false; } } Edited October 5, 2015 by shan Quote Link to comment Share on other sites More sharing options...
jamesmpollard Posted October 5, 2015 Share Posted October 5, 2015 Pop this at the top of the page to get any PHP errors: ini_set('display_startup_errors',1); ini_set('display_errors',1); error_reporting(-1); Also, in your dbconfig, replace $e->getMessage(); with exit $e->getMessage(); Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 it actually gave the following error msg. Parse error: syntax error, unexpected '$e' (T_VARIABLE) in /opt/lampp/htdocs/project/includes/dbconfig.inc.php on line 18 Quote Link to comment Share on other sites More sharing options...
jamesmpollard Posted October 5, 2015 Share Posted October 5, 2015 it actually gave the following error msg. Please post full code for your dbconfig.inc.php or at least line 18 Quote Link to comment Share on other sites More sharing options...
jamesmpollard Posted October 5, 2015 Share Posted October 5, 2015 Scratch that, just realised.... line 18 is $e->getMessage(); Are you missing a semi colon? Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 after removing exit in dbconfig and when i var dump the $user i get bool(false). the method in the class seems to be harmless can u point me where im going wrong?? @jamesmpollard. Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 <?php $host="localhost"; $dbName="project"; $dbUname="root"; $dbPass=""; try { $conn=new PDO("mysql: host=$host;dbname=$dbName; charset=utf8", $dbUname, $dbPass); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { $e->getMessage(); //line 18 } require_once 'classes.inc.php'; $project= new projecteg($conn); as asked im posting you the code Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 (edited) no everything seems to be perfect Edited October 5, 2015 by shan Quote Link to comment Share on other sites More sharing options...
jamesmpollard Posted October 5, 2015 Share Posted October 5, 2015 Could you run this and post the response please: <?php $host = "localhost"; $dbName = "project"; $dbUname = "root"; $dbPass = ""; try { $conn = new PDO("mysql: host=$host;dbname=$dbName; charset=utf8", $dbUname, $dbPass); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { exit('ERROR: ' . $e->getMessage()); } require_once 'classes.inc.php'; $project = new projecteg($conn); Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 it doesn't give any error's Quote Link to comment Share on other sites More sharing options...
jamesmpollard Posted October 5, 2015 Share Posted October 5, 2015 it doesn't give any error's Excellent, is it all working okay? Or are you still facing the same problem? Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 no bro it returns bool false in login.inc.php when i vardump $user Quote Link to comment Share on other sites More sharing options...
shan Posted October 5, 2015 Author Share Posted October 5, 2015 i just changed the fetch st to fetchall in stmth handle and now i get array(0) { } if i var_dump the $user. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted October 5, 2015 Share Posted October 5, 2015 (edited) your query isn't matching any row(s). for this condition, which isn't a query error, the ->fetch() method returns a boolean false and the ->fetchAll() method returns an empty array. do the two form variables contain what you expect? are you using the same hashing method on the password when trying to login as when the account was registered (note: md5() is not suitable for hashing passwords. see the password_hash()/password_verify() functions.) is your pass field in the database table large enough to hold the hashed password? and in your viewProtectedArea() method, the catch block for the pdo exception needs to do SOMETHING with the error information . just listing the $exc->getMessage(); on a line doesn't do anything with the value. you should log the error information on a live server and display the information when developing/debugging. if you use php's trigger_error() statement, rather than an exit()/die() statement to handle the error message, it uses php's error_reporting/display_errors/log_errors settings to control where the error information goes to. edit: you would want to use something like this to handle the pdo exception message - trigger_error("Query: $query, Error: {$e->getMessage()}, File: {$e->getFile()}, Line: {$e->getLine()}"); you should be forming your sql statement in a php variable, i.e. $query in this example, so that you can include it in the error handling. Edited October 5, 2015 by mac_gyver Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted October 5, 2015 Share Posted October 5, 2015 You should actually get rid of this silly try-catch stuff altogether. The whole point of making PDO throw exceptions is that you do not have to manually check every single query for errors. With exceptions, query errors are automatically detected and trigger a fatal error with all relevant information. If you prefer to copy-and-paste the same error handling procedure over and over again, you don't need exceptions (but I'd rather do the opposite: keep the exceptions, get rid of the error code). Quote Link to comment Share on other sites More sharing options...
scootstah Posted October 5, 2015 Share Posted October 5, 2015 You should actually get rid of this silly try-catch stuff altogether. The whole point of making PDO throw exceptions is that you do not have to manually check every single query for errors. With exceptions, query errors are automatically detected and trigger a fatal error with all relevant information. If you prefer to copy-and-paste the same error handling procedure over and over again, you don't need exceptions (but I'd rather do the opposite: keep the exceptions, get rid of the error code). I agree. You can use set_exception_handler to capture any unhandled PDO exceptions to do what you're doing in one single location. If you actually need to handle an exception within your code then go ahead and use a try/catch block. But if you're simply displaying the exception message, that is totally unnecessary. Quote Link to comment Share on other sites More sharing options...
benanamen Posted October 5, 2015 Share Posted October 5, 2015 Thanks to @Jacques1, set_exception_handler is my new best friend. I unloaded a ton of unnecessary try/catch blocks on a very large project I am doing. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.