Zeehamster Posted July 30, 2017 Share Posted July 30, 2017 I have a error and i dont know how to fix it: ERROR: [sun Jul 30 20:44:28.030608 2017] [proxy_fcgi:error] [pid 1222:tid 140689320777472] [] AH01071: Got error 'PHP message: PHP Fatal error: Call to a member function bind_param() on boolean in /home/timavnl/domains/tim-av.nl/public_html/6628/job/login_1.php on line 26\n', referer: http://tim-av.nl/6628/job/index.php PHP CODE (LOGIN1.PHP): <?php include("dbcon.php"); include("functions.php"); $username = $_POST['username']; $password = $_POST['password']; if ( $username == "" || $password == "" ) { echo "Gebruikersnaam en Wachtwoord moeten ingevuld zijn!"; } else { if ( hasInvalidCharacters($username) ) { echo "Gebruikersnaam kan alleen letters bevatten [a-z A-Z]"; } else { $sql = " SELECT password FROM timavnl_1 WHERE username = ? LIMIT 1; "; $stmt = $mysqli->prepare($sql); $stmt->bind_param('s', $username); $stmt->execute(); $stmt->bind_result($hashedPw); $stmt-> fetch(); if ( crypt($password, $hashedPw) == $hashedPw ) { echo "Wachtwoord komt overeen"; } else { echo "Wachtwoord komt NIET overeen"; } } } ?> FUNCTIONS.PHP <?php function hasInvalidCharacters($text) { return (bool) preg_match('/[äöüß "!§$%&\/()=[\]\?.:,;\-_]/x', $text); } function encrypt($input, $rounds = 12) { $salt = ""; $saltChars = array_merge(range('A','Z'), range('a','z'), range('0','9')); for ($i = 0; $i < 22; $i++) { $salt .= $saltChars[array_rand($saltChars)]; } return crypt($input, sprintf('$2y$%02d$', $rounds) . $salt ); } ?> Greetings, Job. Link to comment Share on other sites More sharing options...
requinix Posted July 30, 2017 Share Posted July 30, 2017 It means your query $sql = " SELECT password FROM timavnl_1 WHERE username = ? LIMIT 1; ";is invalid. Perhaps the table does not exist? Link to comment Share on other sites More sharing options...
Zeehamster Posted July 30, 2017 Author Share Posted July 30, 2017 It means your query $sql = " SELECT password FROM timavnl_1 WHERE username = ? LIMIT 1; ";is invalid. Perhaps the table does not exist? I changed it to: FROM timavnl_1.gebruikers still the same error.. Here is a picture of the database: http://prntscr.com/g28net Link to comment Share on other sites More sharing options...
requinix Posted July 30, 2017 Share Posted July 30, 2017 What does $stmt->error show? Link to comment Share on other sites More sharing options...
mac_gyver Posted July 30, 2017 Share Posted July 30, 2017 ^^^ actually, $stmt->anything won't work because $stmt is a Boolean false. depending what's in $mysqli (if not an already closed mysqli connection), echoing $mysqli->error may provide some helpful information. Link to comment Share on other sites More sharing options...
Zeehamster Posted July 30, 2017 Author Share Posted July 30, 2017 What does $stmt->error show? I cant see the error because of the PHP ERROR 500 If i dont fill in any login credentials at the index.php i get a warning screen with: You need to fill in username & password So the error is only showing up when i fill in the password wich is encrypted with $salt. Link to comment Share on other sites More sharing options...
gizmola Posted July 30, 2017 Share Posted July 30, 2017 Look in your web & php log(s). The error should be logged somewhere. Link to comment Share on other sites More sharing options...
Zeehamster Posted July 30, 2017 Author Share Posted July 30, 2017 Look in your web & php log(s). The error should be logged somewhere. [sun Jul 30 23:29:18.017047 2017] [proxy_fcgi:error] [pid 21373:tid 140689698318080] [client ip] AH01071: Got error 'PHP message: PHP Fatal error: Call to a member function bind_param() on boolean in /home/timavnl/domains/tim-av.nl/public_html/6628/job/login_1.php on line 26\n', referer: http://tim-av.nl/6628/job/index.php This is the only error im getting in my Web error log Link to comment Share on other sites More sharing options...
requinix Posted July 30, 2017 Share Posted July 30, 2017 ^^^ actually, $stmt->anything won't work because $stmt is a Boolean false.Er, right, wrong variable. Whichever one is the mysqli object. Link to comment Share on other sites More sharing options...
Jacques1 Posted July 30, 2017 Share Posted July 30, 2017 Before you do anything, you need to actually learn how to use mysqli – or even better: switch to PDO. mysqli isn't the kind of extension which “just works” as long as the code vaguely makes sense. It's a hard-core low-level interface for people who carefully read the manual and spend a lot of time getting every detail right. Let's be honest here: That's not how you operate. If, for some crazy reason, you want to use mysqli nonetheless, then the first thing you need to learn is error handling. You can't just assume that methods never fail. As you just saw, they do. That means you either have to check – every – single – return value. Or you must enable exceptions. If you enable exceptions, do not catch them. I know PHP programmers have the strange urge to wrap everything in try-catch statements and print error messages on the screen. But exceptions should usually be left alone. That crypt() stuff you've copied and pasted from the Internet is also messed up. Again: Read the manual. It explicitly tells you to use the Password Hash API. Like mysqli, crypt() is a low-level interface not intended for the average programmer. And it's even harder to use. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.