This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Closed 8 years ago.
I am trying redirect user when login successfully but I am getting error on entering wrong username and password and also redirection not working. If I insert valid username and password works great.
Error:
Notice: Undefined offset: 0 in /var/sites/l/example.com/public_html/demo/sitename/application/models/loginmodel.php on line 70
Notice: Trying to get property of non-object in /var/sites/l/example.com/public_html/demo/sitename/application/models/loginmodel.php on line 70
Warning: Cannot modify header information - headers already sent by (output started at /var/sites/l/example.com/public_html/demo/sitename/application/models/loginmodel.php:70) in /var/sites/l/example.com/public_html/demo/sitename/application/models/loginmodel.php on line 82
My Code:
session_start();
$username = strip_tags($username);
$password = strip_tags($password);
$sql = "SELECT id FROM users WHERE name='$username' and password='$password'";
$query = $this->db->prepare($sql);
$query->execute();
$records = $query->fetchAll();
$ck_userID = $records[0]->id;
//$active=$row['active'];
// echo "<pre>";
// print_r($ck_userID);
// echo "</pre>";
// die;
if ( count($ck_userID) > 0 ){
$_SESSION['login_user']=$username;
header('location: ' . URL . 'admin');
}else{
header('location: ' . URL . 'login?invalid');
}
Change
$ck_userID = $records[0]->id;
to
$ck_userID = isset($records[0]) && is_object($records[0]) ? $records[0]->id : null;
Explanation:
You have to check whethe $records[0] does exist and you should check whether it's an object (so it's not false or null).
Also care for SQL injection. You are using some kind of prepare method, but you don't prepare anything.
Another bad practice is header sending location change but no exit following.
Header start with a capital letter, location: -> Location:.
change
$records = $query->fetchAll();
$ck_userID = $records[0]->id;
if ( count($ck_userID) > 0 ){
to
$records = $query->fetchAll();
if ( count($records) > 0 ){
NOTE: your code is vulnerable to sql injections
Related
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Why does this PDO statement silently fail?
(2 answers)
Closed 11 months ago.
This post was edited and submitted for review 11 months ago and failed to reopen the post:
Duplicate This question has been answered, is not unique, and doesn’t differentiate itself from another question.
I have this warning, how do I fix it?
Notice: Trying to access array offset on value of type bool in C:\Program Files\Ampps\www\NodeMCU\read tag user data.php on line 17
Code
require 'database.php';
$id = null;
if ( !empty($_GET['id'])) {
$id = $_REQUEST['id'];
}
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT * FROM tb_nodemcu where id = ?";
$q = $pdo->prepare($sql);
$q->execute(array($id));
$data = $q->fetch(PDO::FETCH_ASSOC);
Database::disconnect();
$msg = null;
if (null==$data['name']) {
$msg = "The ID of your Card / KeyChain is not registered !!!";
$data['id']=$id;
$data['name']="--------";
$data['gender']="--------";
$data['email']="--------";
$data['mobile']="--------";
} else {
$msg = null;
}
This question already has answers here:
php warning: mysqli_close() expects parameter 1 to be mysqli
(2 answers)
Reference: What is variable scope, which variables are accessible from where and what are "undefined variable" errors?
(3 answers)
Closed 5 years ago.
I am working on android app project and in this project, i need to connect my android app with PHP and MySQL everything is fine but I am getting an error in my user registration .php file error like this
Warning: mysqli_close() expects parameter 1 to be myself, null given
in C:\xampp\htdocs\panel\UserRegistration.php on line 35
I have tried many things but the error is still there.
Here is what I have tried:
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
include 'DatabaseConfig.php';
$con = mysqli_connect($HostName,$HostUser,$HostPass,$DatabaseName);
$id_name = $_POST['id'];
$U_name = $_POST['username'];
$password = $_POST['password'];
$cnic = $_POST['cnic'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$CheckSQL = "SELECT * FROM Users WHERE email='$email'";
$check = mysqli_fetch_array(mysqli_query($con,$CheckSQL));
if(isset($check)){
echo 'Email Already Exist';
}
else{
$Sql_Query = "INSERT INTO Users (id,username,email,password_cnic,phone) values ('$id','$U_name','$email','$password','$cnic','$phone')";
if(mysqli_query($con,$Sql_Query))
{
echo 'Registration Successfully';
}
}
?>
https://secure.php.net/manual/fr/mysqli.close.php
You must do : mysqli_close($con);
:)
Pass Connection object in mysqli_close() function.
Like :
mysqli_close($con);
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Closed 6 years ago.
my code is
$query1 = "SELECT `user_id` FROM `it_user` WHERE (user_email_address = ? AND user_mobile_number_verified = NULL)";
$stmt1 = $mysqli->prepare($query1);
$stmt1->bind_param("s",$email);
$stmt1->execute();
if ($stmt1->affected_rows == 1) {
//set registration flag to 1 stating that the users mobile number is already verified
echo '<meta http-equiv="refresh" content="0; URL=\'../signin/\'"/>';
}
else
{
$registration_flag = 2;
//redirect user to error page
//echo '<meta http-equiv="refresh" content="0; URL=\'../error/\'"/>';
}
i am getting this error ::
Call to a member function bind_param() on a non-object in ***** on line 62
where as my email variable is working corrrect and also the query.
Use NULL safe operator and write code as below:-
$mobile = NULL; // NOTE: no quotes - using php NULL
$query1 = "SELECT `user_id` FROM `it_user` WHERE user_email_address = ? AND user_mobile_number_verified <=> ?";
$stmt1 = $mysqli->prepare($query1);
$stmt1->bind_param("s",$email);
$stmt1->bind_param($mobile);
$stmt1->execute();
Hope it will help you :-)
This question already has an answer here:
"Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource"
(1 answer)
Closed 7 years ago.
I'm trying to use some simple code that's used elsewhere to access content from a MySQL database.
Code...
$rec_sessions_array = array();
$sql = "SELECT member_id FROM " . TABLE_PREFIX . "rec_sessions WHERE course_id = $course_id";
$result = mysql_query($sql, $db);
if($result && mysql_num_rows($result) > 0){
while ($row = mysql_fetch_assoc($result)) {
$rec_sessions_array[] = $row['member_id'];
}
}
I keep getting "Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in [path to my script] on line 367". Line 367 is the $result = mysql_query($sql, $db); from above.
When I echo $sql it's correct. When I run that query directly via PHP MyAdmin, it works fine.
Any ideas?
Also, before you say anything about getting away from mysql functions, I know. I'm just trying to augment something that already exists.
Utilizing global $db; higher in the code seems to have fixed this.
Credit goes to "Dagon" in the comments.
This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Closed 9 years ago.
When I run this page, it shows an error:
if (isset($_POST['send'])) {
mysql_connect("localhost", "MY_DB", "MY_PASSWORD") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM manager WHERE username='$username'") or die(mysql_error());
$row = mysql_fetch_array($result);
if ($password == $row['password']) {
$_SESSION['confirm'] = '1';
header("Location: view.php");
} else {
echo"Not User";
}
}
It should echo the data of a MySQL table. It logs in correctly, but it does not redirect to view.php. The error is:
Warning: Cannot modify header information - headers already sent by
(output started at /home/mftporta/public_html/tooga/login.php:5) in
/home/mftporta/public_html/tooga/login.php on line 21
this error can be, an output (print, echo, message error, white space, BOM character) before redirect(header())
how remove BOM character