phreak3r Posted February 25, 2018 Share Posted February 25, 2018 I have been converting parts of my codebase over from procedural MySQLi to PDO. I have had trouble at the moment, I am being hit with an 'incorrect password or username" error, when I know that I am for a face using the correct username and password. Anything funny looking here? <?php include('header.php'); require('dbcon/dbcon.php'); // if fields in form are set and submitted, check if user exists and is logged in or not if ($_SERVER['REQUEST_METHOD'] == 'POST') { $databaseClass = new Database; $dbconnect = $databaseClass->connectToDatabase(); $username = $_POST['username']; $password = $_POST['password']; $stmt = $dbconnect->prepare("SELECT * FROM profile0 WHERE username = :username"); $stmt->bindParam(':username', $username); $stmt->execute(); $count = $stmt->fetchColumn(); $row = $stmt->fetch(PDO::FETCH_ASSOC); //$row = $stmt->fetch(PDO::FETCH_ASSOC); // if username and password match, init session and redirect to another page. if ($row == 1 && password_verify($password, $row['password'])) { $_SESSION['logged_in_user'] = $username; // set to IDnum later on... $_SESSION['username'] = $username; // check if the user is logged in // if so, redirect to main page for logged-in users. if (isset($_SESSION['logged_in_user'])) { $_SESSION['logged_in_user'] = TRUE; header('Location: main.php'); } else { // not logged in, keep on same page... session_destroy(); exit(); } } else if ($username != $row['username'] || $password != $row['password']) { echo "Incorrect username or password."; } } // test var_dump($username); var_dump($password); ?> Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/ Share on other sites More sharing options...
benanamen Posted February 25, 2018 Share Posted February 25, 2018 Assuming you have error reporting properly setup, start with var_dump'ing $row and make sure it returns what you expect it to. Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556695 Share on other sites More sharing options...
phreak3r Posted February 25, 2018 Author Share Posted February 25, 2018 Assuming you have error reporting properly setup, start with var_dump'ing $row and make sure it returns what you expect it to. Welp, $row is not printing anything out at all. Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556696 Share on other sites More sharing options...
phreak3r Posted February 25, 2018 Author Share Posted February 25, 2018 (edited) Nevermind, $row is now printing out the array. But, still not logging in properly. Edited February 25, 2018 by phreak3r Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556697 Share on other sites More sharing options...
Solution benanamen Posted February 25, 2018 Solution Share Posted February 25, 2018 You see the problem now right? You are incorrectly expecting if ($row == 1. The var dump shows you what the result is which is an array of the result. Change the code to if ($row){ // do login stuff } else{ // login failed } Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556699 Share on other sites More sharing options...
phreak3r Posted February 25, 2018 Author Share Posted February 25, 2018 You see the problem now right? You are incorrectly expecting if ($row == 1. The var dump shows you what the result is which is an array of the result. Change the code to if ($row){ // do login stuff } else{ // login failed } I sort of understand, I took away or changed whatever I had as $result in order to get the PDO working, well...sort of working. So, with just if ($row) {} else {} there should be no need for if ($row == 1 && password_verify($password, $row['password'])) {}? At least that is what I am getting from this... Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556700 Share on other sites More sharing options...
benanamen Posted February 25, 2018 Share Posted February 25, 2018 You still need to do the password_verify. Take a look at my repo login script from lines 40 to 102. https://github.com/benanamen/perfect_app/blob/master/public/login.php Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556701 Share on other sites More sharing options...
phreak3r Posted February 25, 2018 Author Share Posted February 25, 2018 (edited) You still need to do the password_verify. Take a look at my repo login script from lines 40 to 102. https://github.com/benanamen/perfect_app/blob/master/public/login.php Yeah, this is pretty frustrating. I do not like how things are so split up like that. I prefer to have: if ($row && password_verify($password, $row['password'])) {} But that doesn't work either, I went from fixing things to breaking them again. Edited February 25, 2018 by phreak3r Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556702 Share on other sites More sharing options...
phreak3r Posted February 25, 2018 Author Share Posted February 25, 2018 Nevermind, Kev, I sorted it out. Quote Link to comment https://forums.phpfreaks.com/topic/306647-pdo-problem-with-login-system/#findComment-1556703 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.