PHP Get Method, does not Enter If Statement - php

I am not sure why it does not enter the if statement in the API class to actually execute the method. The goal of this method is to simply return a specific row of data, when entering a specific username (this is a users database that holds users info etc). Any help in the right direction is welcomed. This is fairly new stuff to me. Thanks
This is the Connect Class. It is working 100%
<?php
class DbConnect{
private $con;
function __construct(){
}
function connect(){
include_once dirname(__FILE__).'/Constants.php';
$this->con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if(mysqli_connect_errno()){
echo "Failed to connect with database".mysqli_connect_err();
}
return $this->con;
}
}
<?php
This class handles all the functions.
EDIT: So after more testing, I believe the error is in this part of the code.
class DbOperations{
private $con;
function __construct(){
require_once dirname(__FILE__).'/DbConnect.php';
$db = new DbConnect();
$this->con = $db->connect();
}
public function getTheSpecificUser($username){
//$username = $_POST['username'];
//$username = $_POST['username'];
$stmt= $this->con-> prepare("SELECT `id`, `username`, `email`,
`phonenumber`, `birthdate`, `lastname`, `firstname`, `middlename`
FROM `users` WHERE `username` = ?");
$stmt->bind_param("s", $username);
$stmt->bind_result( $id, $username, $email, $phonenumber,
$birthdate, $lastname, $firstname, $middlename);
$stmt->execute();
//$stmt->bind_result("isssssss", $id, $username, $email,
//$phonenumber, $birthdate,
//$lastname, $firstname, $middlename);
$results = array();
//$results = $stmt->fetch();
while($stmt->fetch()){
$result = array();
$result['id'] = $id;
//$result['username'] = $username;
$result['email'] = $email;
$result['phonenumber'] = $phonenumber;
$result['birthdate'] = $birthdate;
$result['lastname'] = $lastname;
$result['firstname'] = $firstname;
$result['middlename'] = $middlename;
array_push($results, $result);
}
return $results;
}
This is the class that handles all the operations.
This is where the method is called from DbOpertaions. It is included and works correctly with other functions.
EDIT: I do not think the error is here, because if the statement is taken out of the if statement, then it should fire, but nothing happens if added to $response. So again the error must be in the DbOperaitions class.
<?php
//getting the dboperation class
require_once '../includes/DbOperations.php';
$response = array();
if(isset($_GET['apicall'])){
switch($_GET['apicall']){
case 'getthespecificuser':
if(isset($_GET['username'])){
echo "you are past the frist if statement";
$db = new DbOperations();
if($db->getTheSpecificUser($_GET['username'])){
echo "you are in the second if statement";
$response['error'] = false;
$response['id'] = $user['id'];
$response['username'] = $user['username'];
$response['email'] = $user['email'];
$response['phonenumber'] = $user['phonenumber'];
$response['lastname'] = $user['lastname'];
$response['firstname'] = $user['firstname'];
$response['middlename'] = $user['middlename'];
}else{
echo "-->";
var_dump($_GET['username']);
die();
$response['error'] = true;
$response['message'] = "something went wrong";
}
}else{
$response['error'] = true;
$response['message'] = "please enter a valid username";
}
break;
}else{
//if it is not api call
//pushing appropriate values to response array
$response['error'] = true;
$response['message'] = 'Invalid API Call`enter code here`';
}
//displaying the response in json structure
echo json_encode($response);

Related

Php Class inside included file not found

I was trying to follow this tutorial to make a simple login and registration for Android application with MySql. The Android app runs fine until it hit an error when accessing the database (account register).
When I tried to access the php application to make sure that the error is in the Android app, I got this error:
Fatal error: Class 'DbConnect' not found in C:\xampp\htdocs\AndroidLogin\include\user.php on line 12
I'm sure that db.php is already included in user.php. These are the codes I used from the tutorial: The first one is index.php
//index.php
<?php
require_once 'include/user.php';
$username = "";
$password = "";
$email = "";
if(isset($_POST['username'])){
$username = $_POST['username'];
}
if(isset($_POST['password'])){
$password = $_POST['password'];
}
if(isset($_POST['email'])){
$email = $_POST['email'];
}
// Instance of a User class
$userObject = new User();
// Registration of new user
if(!empty($username) && !empty($password) && !empty($email)){
$hashed_password = md5($password);
$json_registration = $userObject->createNewRegisterUser($username, $hashed_password, $email);
echo json_encode($json_registration);
}
// User Login
if(!empty($username) && !empty($password) && empty($email)){
$hashed_password = md5($password);
$json_array = $userObject->loginUsers($username, $hashed_password);
echo json_encode($json_array);
}
?>
Next, config.php
//config.php
<?php
define("DB_HOST", "localhost");
define("DB_USER", "root");
define("DB_PASSWORD", "");
define("DB_NAME", "androidlogin");
?>
This one is db.php
// db.php
<?php
include_once 'config.php';
class DbConnect{
private $connect;
public function __construct(){
$this->connect = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (mysqli_connect_errno($this->connect)){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
}
public function getDb(){
return $this->connect;
}
}
?>
And the last one is user.php
// user.php
<?php
include_once 'db.php';
class User{
private $db;
private $db_table = "users";
public function __construct(){
$this->db = new DbConnect();
}
public function isLoginExist($username, $password){
$query = "select * from " . $this->db_table . " where username = '$username' AND password = '$password' Limit 1";
$result = mysqli_query($this->db->getDb(), $query);
if(mysqli_num_rows($result) > 0){
mysqli_close($this->db->getDb());
return true;
}
mysqli_close($this->db->getDb());
return false;
}
public function createNewRegisterUser($username, $password, $email){
$query = "insert into users (username, password, email, created_at, updated_at) values ('$username', '$password', '$email', NOW(), NOW())";
$inserted = mysqli_query($this->db->getDb(), $query);
if($inserted == 1){
$json['success'] = 1;
}else{
$json['success'] = 0;
}
mysqli_close($this->db->getDb());
return $json;
}
public function loginUsers($username, $password){
$json = array();
$canUserLogin = $this->isLoginExist($username, $password);
if($canUserLogin){
$json['success'] = 1;
}else{
$json['success'] = 0;
}
return $json;
}
}
?>
My directory looks like this:
AndroidLogin
|index.php
|include
|config.php
|db.php
|user.php
Do I miss something?
Usually, call the file like the class that you declare in it. In WAMP usually it gives some issues, i suggest to you to rename db.php in DbConnect.php
Make a default (empty) constructor in DbConnect, and make a simple method that would echo something. Try to make new DbConnect instance call that method from User class?

Call to a member function prepare() on null in crud.class.php on line 46

I don't know why I have this error, I am trying to use PDO to call a prepare method but it gives me errors
Here is my code:
public function create($user,$db){
$return_array = array("success"=>true,"message"=>"");
$create_user = new User("", "", "", "");
//validate the user
$validation = new Validation();
/*if(!$validation->username($user->getUsername())){
$return_array['success'] = false;
$return_array['message'] = $validation->get_username_criteria()."\n";
echo $return_array['message'];
}
if(!$validation->password($user->getPassword())){
$return_array['success'] = false;
$return_array['message'] = $validation->get_password_criteria()."\n";
echo $return_array['message'];
}*/
if($return_array['success']){
$insert_query = "INSERT INTO 'user' ('username', 'password', 'level')VALUES (:username, :password, :level)";
$stmt = $this->db->prepare($this->insert_query);
$stmt->bindValue(":username", $create_user->getUsername(), PDO::PARAM_STR);
$stmt->bindValue(":password", $create_user->getPassword(), PDO::PARAM_STR);
$stmt->bindValue(":level", $create_user->getLevel(), PDO::PARAM_INT);
$stmt->bindValue(":id", $id, PDO::PARAM_INT);
$stmt->execute();
echo "lalala";
return $return_array;
}
else
{
echo "lululu";
return $return_array;
}
}
here is my connection to database:
class Database{
private $DB_USER="";
private $DB_PASS="";
private $DB_NAME="";
private $DB_HOST="";
private $db;
public function _construct(){
$this->db = new PDO("mysql:host={$DB_HOST};dbname={$DB_NAME}", $DB_USER, $DB_PASS);
}
public function get_db(){
return $this->db;
}
public function _destruct(){
$this->db = null;
}
and here is where I call the method create():
$username = $_POST['username'];
$password = $_POST['password'];
$level = $_POST['level'];
$id = $_POST['id'];
$user = new User($id,$username,$password,$level);
$crud_obj = new crud();
$db_obj = new Database();
if($crud_obj->create($user,$db_obj->get_db())){
echo "Successfully registered!";
}

Register user PHP

I am trying to create a PHP script to register users. It connects my xCode with a mySQL database.
I am getting the following error:
8ee52684907bd42381d94f74f3c4d321b17c5285 Notice: Trying to get
property of non-object in
/Applications/XAMPP/xamppfiles/htdocs/SwiftAppAndMYSQL/db/MySQLDAO.php
on line 76
Fatal error: Uncaught exception 'Exception' in
/Applications/XAMPP/xamppfiles/htdocs/SwiftAppAndMYSQL/db/MySQLDAO.php:76
Stack trace: #0
/Applications/XAMPP/xamppfiles/htdocs/SwiftAppAndMYSQL/scripts/registerUser.php(63):
MySQLDAO->registerUser('email', 'gui', 'Maia', '8ee52684907bd42...',
'\x99\x99S'eXqs\xE0\xC4\x80[\xB1\x07y...') #1 {main} thrown in
/Applications/XAMPP/xamppfiles/htdocs/SwiftAppAndMYSQL/db/MySQLDAO.php
on line 76
This is my registerUser script
<?php
require ("../db/MySQLDAO.php");
require ("../db/Conn.php");
$returnValue = array();
if (
empty($_REQUEST["userEmail"]) ||
empty($_REQUEST["userPassword"]) ||
empty($_REQUEST["userFirstName"]) ||
empty($_REQUEST["userLastName"])) {
$returnValue["status"] = "400";
$returnValue["message"] = "Missing required information";
echo json_encode($returnValue);
return;
}
$userEmail = htmlentities($_REQUEST["userEmail"]);
$userPassword = htmlentities($_REQUEST["userPassword"]);
$userFirstName = htmlentities($_REQUEST["userFirstName"]);
$userLastName = htmlentities($_REQUEST["userLastName"]);
$salt = openssl_random_pseudo_bytes(16);
$secure_password = sha1($userPassword . $salt);
echo $secure_password;
$dao = new MySQLDAO(Conn::$dbhost, Conn::$dbuser, Conn::$dbpass, Conn::$dbname);
$dao->openConnection();
$userDetails = $dao->getUserDetails($userEmail);
if(!empty($userDetails))
{
$returnValue["status"] = "400";
$returnValue["message"] = "Please choose different email address";
echo json_encode($returnValue);
return;
}
$result = $dao->registerUser($userEmail, $userFirstName, $userLastName, $secure_password, $salt);
if ($result) {
$userDetails = $dao->getUserDetails($userEmail);
$returnValue["status"] = "200";
$returnValue["message"] = "Sucessfully registered new user";
$returnValue["userId"] = $userDetails["user_id"];
$returnValue["userFirstName"] = $userDetails["first_name"];
$returnValue["userLastName"] = $userDetails["last_name"];
$returnValue["userEmail"] = $userDetails["email"];
} else {
$returnValue["status"] = "400";
$returnValue["message"] = "Could not register user with provided information";
}
$dao->closeConnection();
echo json_encode($returnValue);
?>
My DAO object goes bellow:
<?php
class MySQLDAO {
private $dbpassword;
var $dbhost = null;
var $dbuser = null;
var $dbpass = null;
var $conn = null;
var $dbname = null;
var $result = null;
function __construct($dbhost, $dbuser, $dbpassword, $dbname) {
$this->dbhost = $dbhost;
$this->dbuser = $dbuser;
$this->dbpass = $dbpassword;
$this->dbname = $dbname;
}
public function openConnection() {
$this->conn = new mysqli($this->dbhost, $this->dbuser, $this->dbpass, $this->dbname);
if (mysqli_connect_error())
throw new Exception("Could not stabilish connection with database");
$this->conn->set_charset("utf8");
}
public function closeConnection() {
if ($this->conn != null)
$this->conn->close();
}
public function getUserDetails($email){
$returnValue = array();
$sql = "select * from users where email= '".$email."'";
$result = $this->conn->query($sql);
if ($result != null && (mysqli_num_rows($result) >= 1 )){
$row = $result->fetch_array(MYSQLI_ASSOC);
if (!empty($row)){
$returnValue = $row;
}
}
return $returnValue;
}
public function registerUser($email, $first_name, $last_name, $password, $salt) {
$sql = "insert unto users set email=?, first_name=?, last_name=?, user_password=?, salt=?";
$statement = $this->conn->prepare($sql);
if (!$statement){
throw new Exception($statement->error);
}
$statement->bind_param("sssss", $email, $first_name, $last_name, $password, $salt);
$returnValue = $statement->execute();
return $returnValue;
}
}
My connection class
<?php
class Conn {
public static $dbhost = "localhost";
public static $dbuser = "root";
public static $dbpass = "";
public static $dbname = "SwiftApp";
}
?>
There is one possible error I can spot:
This SQL query has a typo, it should be into, not unto, resulting in a syntax error:
$sql = "insert unto users set email=?, first_name=?, last_name=?, user_password=?, salt=?";
$statement = $this->conn->prepare($sql);
The syntax error results in $mysqli->prepare() returning false.
If this is the case the next block can't work.
if (!$statement){
throw new Exception($statement->error);
}
If $statement is false, it isn't an object, so $statement->error doesn't work and the error Trying to get property of non-object is thrown.
This should report the desired result:
/// corrected query
$sql = "insert into users set email=?, first_name=?, last_name=?, user_password=?, salt=?";
$statement = $this->conn->prepare($sql);
if (!$statement){
/// corrected error reporting
throw new Exception($this->conn->error);
}

Check user credentials PHP MySQL

Im trying to create a user management section on my website that allows users to login.
So far I have the following PDO Conenction class...
<?php
class connection{
private $host = 'localhost';
private $dbname = 'dbname';
private $username = 'liam#';
private $password ='Password';
public $con = '';
function __construct(){
$this->connect();
}
function connect(){
try{
$this->con = new PDO("mysql:host=$this->host;dbname=$this->dbname",$this->username, $this->password);
$this->con->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
}catch(PDOException $e){
echo 'We\'re sorry but there was an error while trying to connect to the database';
file_put_contents('connection.errors.txt', $e->getMessage().PHP_EOL,FILE_APPEND);
}
}
}
?>
My check-login.php looks like...
<?php
include 'assets/connection.class.php';
$username=$_POST['username'];
$password=$_POST['password'];
function login(PDO $db, $username, $password) {
$user_id = user_id_from_username($db, $username);
$password = md5($password);
$stmt = $db->prepare('SELECT COUNT(`user_id`) FROM `users` WHERE `username` = ? AND `password` = ?');
$stmt->bindParam(1, $username);
$stmt->bindParam(2, $password);
$stmt->execute();
if($stmt->fetchColumn() > 0) {
return $user_id;
} else {
return false;
echo 'failed';
}
}
?>
my problem is that im not given any result from check-login.php? Im not a php programmer so apologies if this seems vague, any help will be appreciated
It could be a problem with
$user_id = user_id_from_username($db, $username);
Since we don't know what that function (user_id_from_username) is doing, it might be that the
return $user_id;
is just returning NULL or an empty string.

php script echoing part of the php instead of what intended [duplicate]

This question already has answers here:
PHP code is not being executed, but the code shows in the browser source code
(35 answers)
Closed 2 years ago.
I'm having trouble with php script that I've created to insert instances into a database, however I'm getting a trivial output and i dont know how to fix it. the code is:
<?php
try{
$user = 'root';
$pass = null;
$pdo = new PDO('mysql:host=localhost; dbname=divebay', $user, $pass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$username = $_POST['username'];
$password = sha1($_POST['password']);
$location = %_POST['location'];
$email = $_POST['email'];
$name = $_POST['fname'] . " " . $_POST['surname'];
$check = $pdo->prepare('SELECT * FROM user WHERE username=?');
$check->bindValue(1, $username);
$check->execute();
if($check->fetch(PDO::FETCH_OBJ)){
echo "Account name already exists";
}
else{
$stmt = $pdo->prepare('INSERT INTO user(username, password, location, email, name)
VALUES(:username, :password, :location, :email, :name)');
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$stmt->bindParam(':location', $location, PDO::PARAM_STR);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
if($stmt->execute()){
echo "Account created";
}
else{
echo "Account could not be created";
}
}
$pdo = null;
}catch(PDOException $e){
echo $e->getMessage();
}
?>
i would expect the output to be something like "Account created". Instead the output I'm getting this error:
setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $username =
$_POST['username']; $password = sha1($_POST['password']);
$location = %_POST['location']; $email = $_POST['email']; $name =
$_POST['fname'] . " " . $_POST['surname']; $check =
$pdo->prepare('SELECT * FROM user WHERE username=?');
$check->bindValue(1, $username); $check->execute();
if($check->fetch(PDO::FETCH_OBJ)){ echo "Account name already exists";
} else{ $stmt = $pdo->prepare('INSERT INTO user(username, password,
location, email, name) VALUES(:username, :password, :location, :email,
:name)'); $stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$stmt->bindParam(':location', $location, PDO::PARAM_STR);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
if($stmt->execute()){ echo "Account created"; } else{ echo "Account
could not be created"; } } $pdo = null; }catch(PDOException $e){ echo
$e->getMessage(); } ?>
whats going wrong with this script to cause this?
The only way you'd get that output is if you had written:
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
as:
$pdo?>setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
by mistake.
YOU HAVE a % INSTEAD OF $ on %_POST['location']
RECOMMENDATION:
Also I HIGHLY recommend wrapping the PDO functions into a class. Here is what I use personally in every single project:
save this to it's own file (ex:sql.class.php)
<?php
class SqlIt{
public $Sql;
public $Response;
private $Host;
private $DBname;
private $User;
private $Pass;
public $NumResults;
public function __construct($Sql, $type, $vars){
if($vars == ""){
$vars = array();
}
try{
$DB = $this->db_connect();
$DB->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$STH = $DB->prepare($Sql);
$doit = $STH->execute($vars);
$this->Result = $doit;
}
catch(PDOException $e){
echo $e->getMessage();
}
//find function to run
switch($type){
case 'select':
$this->select($STH);
break;
}
}
public function select($query){
$rows = $query->rowCount();
$this->NumResults = $rows;
while($row = $query->fetchObject()){
$this->Response[] = $row;
}
}
//create a separate function for connecting to DB. Private to only this class.
private function db_connect(){
$this->User = 'root';
$this->Pass = '';
$DBH = new PDO("mysql:host=localhost;dbname=divebaby", $this->User, $this->Pass);
return $DBH;
}
}
?>
Then to actually run the statement you placed above you simply right the following code:
$username = $_POST['username'];
$password = sha1($_POST['password']);
$location = $_POST['location'];
$email = $_POST['email'];
$name = $_POST['fname'] . " " . $_POST['surname'];
$getUser = new SqlIt("SELECT * FROM user WHERE username=?","select",array($username));
if($getUser){
echo 'Account name already exists';
}else{
$insertUser = new SqlIt("INSERT INTO user (username,password,location,email,name) VALUES (?,?,?,?,?)","insert",array($username,$password,$location,$email,$name));
if($insertUser){
echo 'Account created!';
}else{
echo 'Account not created.';
}
Missing <?php at the beginning of one of your pages that contains that code with the first line of setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

Categories