Jump to content

$row['index here'] outputs null

phreak3r

By phreak3r
in PHP Coding Help

 Share

Recommended Posts

phreak3r Advanced Member

phreak3r

Posted
Posted 
<?php
include('header.php');
require('dbcon/dbcon.php');

	// if fields in form are set and submitted, check if user exists and is logged in or not
	if ($_SERVER['REQUEST_METHOD'] == 'POST') {
		$username = $_POST['username'];
		$password = $_POST['password'];
		$user_query = $pdo->query("SELECT * FROM profiles001 WHERE username = '$username'");
                $row = $user_query->fetchAll(PDO::FETCH_ASSOC);

		// if username and password match, init session and redirect to another page.
		if ($row == 1 && password_verify($password, $row['password'])) {
			$_SESSION['logged_in_user'] = $username; // set to IDnum later on...
			$_SESSION['username'] = $username;		
			// check if the user is logged in
			// if so, redirect to main page for logged-in users.
			if (isset($_SESSION['logged_in_user'])) {
				$_SESSION['logged_in_user'] = TRUE;
				header('Location: main.php');

			} else {
				// not logged in, keep on same page...
				session_destroy();
				exit();
			}
		} else if ($username != $row['username'] || $password != $row['password']) {
                        echo var_dump($row); echo var_dump($row['password']); echo var_dump($row['username']); echo var_dump($row['email']);
			echo "Incorrect username or password.";
		}
	}
?>

This code is responsible for authenticating the user upon logging in. I went ahead and updated the mysqli portion to PDO. As you can see I var_dump some variables near the end. Variable $row prints out as array(1) { [0]=> array(9) { ["username"]=> string(4) "test" ["password"]=> string(60) "$2y$10$uQEUsIwm0usWyZjWk/vo8e90e867oPLBu3ThKCk1aUseMcQuuHrVq" ["avatar"]=> string(15) "assets/soap.jpg" ["doc"]=> NULL ["las"]=> NULL ["email"]=> string(13) "test@test.org" ["c_status"]=> string(1) "0" ["account_age"]=> NULL ["bio"]=> string(4) "test" } }. The other three print out as NULL. What exactly is going on here?

Link to comment
Share on other sites
requinix Prolific Member

requinix

Posted
Posted

Let me put it this way: 

$row = $user_query->fetchAll(PDO::FETCH_ASSOC);

a) Describe using English what $row will be. Not according to what you think it is but according to what the code says it will be.
b) Does that match what you think $row will be? Is there perhaps a simple change you can make here that will bring it into line with your expectations?

Link to comment
Share on other sites
phreak3r Advanced Member

phreak3r

Posted
  • Author
Posted
3 hours ago, requinix said:

Let me put it this way: 


$row = $user_query->fetchAll(PDO::FETCH_ASSOC);

a) Describe using English what $row will be. Not according to what you think it is but according to what the code says it will be.
b) Does that match what you think $row will be? Is there perhaps a simple change you can make here that will bring it into line with your expectations?

Here is what they mysqli version looked like: 

<?php
include('header.php');
require('dbcon/dbcon.php');

	// if fields in form are set and submitted, check if user exists and is logged in or not
	if ($_SERVER['REQUEST_METHOD'] == 'POST') {
		$username = mysqli_real_escape_string($conn, $_POST['username']);
		$password = mysqli_real_escape_string($conn, $_POST['password']);
		$user_query = "SELECT * FROM profile0 WHERE username = '$username'";
		$result = mysqli_query($conn, $user_query);
		$row = mysqli_fetch_assoc($result);

		// if username and password match, init session and redirect to another page.
		if (mysqli_num_rows($result) == 1 && password_verify($password, $row['password'])) {
			$_SESSION['logged_in_user'] = $username; // set to IDnum later on...
			$_SESSION['username'] = $username;		
			// check if the user is logged in
			// if so, redirect to main page for logged-in users.
			if (isset($_SESSION['logged_in_user'])) {
				$_SESSION['logged_in_user'] = TRUE;
				header('Location: main.php');

			} else {
				// not logged in, keep on same page...
				session_destroy();
				exit();
			}
		} else if ($username != $row['username'] || $password != $row['password']) {
			echo "Incorrect username or password.";
		}
	}
?>

 

Link to comment
Share on other sites
phreak3r Advanced Member

phreak3r

Posted
  • Author
Posted
10 minutes ago, requinix said:

Compare: 


$row = $user_query->fetchAll(PDO::FETCH_ASSOC);

$row = mysqli_fetch_assoc($result);

I'm sure that if you take the minute to do what I said about understanding precisely what each line does then you would figure out what's going on.

From my understanding it fetches result from or of the array?

Link to comment
Share on other sites
ginerjm Prolific Member

ginerjm

Posted
Posted

My bad.  I do apologize.  I was misreading your code and having a major brain f..... and thought you were doing a prepare followed by a fetch.  Mad bad again... 

To speed things up here, the fetchall function is handy if you need to retrieve ALL of the results in a new array of the row contents which would be a multi-dimensional array.  In your case where I don't think you will need to do that kind of handling and also because you are probably only going to get a single record, you'll want to use the Fetch function to retrieve the one row with the desired user name.

You might want to add some error checking after the query call to be sure you ran successfully and then maybe even a check of the row count to be sure you got a row and only one row.  Assuming things are always going to run smoothly is bad programming practice.

Link to comment
Share on other sites
phreak3r Advanced Member

phreak3r

Posted
  • Author
Posted
On 1/7/2019 at 9:07 PM, requinix said:

So you know what the problem is now, right?

Yes, however, that was not really the issue. Not sure if this is the solution I am looking for, but I changed $row == 1 && password_verify($password, $row['password']) to $row['username'] == $username && password_verify($password, $row['password']. But, thank you.

Link to comment
Share on other sites
phreak3r Advanced Member

phreak3r

Posted
  • Author
Posted
On 1/7/2019 at 3:54 PM, ginerjm said:

My bad.  I do apologize.  I was misreading your code and having a major brain f..... and thought you were doing a prepare followed by a fetch.  Mad bad again... 

To speed things up here, the fetchall function is handy if you need to retrieve ALL of the results in a new array of the row contents which would be a multi-dimensional array.  In your case where I don't think you will need to do that kind of handling and also because you are probably only going to get a single record, you'll want to use the Fetch function to retrieve the one row with the desired user name.

You might want to add some error checking after the query call to be sure you ran successfully and then maybe even a check of the row count to be sure you got a row and only one row.  Assuming things are always going to run smoothly is bad programming practice.

Okay, thank you.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.