Undefined variable following a method call

Question

I am trying to put myself in OOP and I have a problem with variable scope.

Everything works except a session array and everything posts correctly.

My 'session table' and its elements are declared but its variables remain undefined. I get the following error messages:

Notice: Undefined variable: row
Notice: Trying to get property of non-object

What I can do to get access to $row?

This is my code for the class, including its methods:

$db = db::connect();

class auth {
   protected $login;
   protected $password;
   protected $email;

   public function setLogin($login) {
      $this->login = $login;
   }

   public function setPassword($password) {
      $this->password = $password;
   }

   public function login($fields, $table, $col_login, $col_password) {
      $query = Db::getInstance()->prepare('SELECT ' . $fields . ' FROM ' . $table . ' WHERE ' . $col_login . ' = :login AND ' . $col_password . ' = :password');

      $query->bindValue(   ':login',    $this->login, PDO::PARAM_STR);
      $query->bindValue(':password', $this->password, PDO::PARAM_STR);
      $query->execute();

      if ($query->rowCount() > 0) {  
         $row = $query->fetch(PDO::FETCH_OBJ);

         echo '<pre>';
         print_r($row->u_login);
         echo '</pre>';

         return true;
      }
      else {
         return false;
      }

      $query->closeCursor();
   }    
}

Here is my form code; this is from where I call the class method:

<?php 
   session_start();
   if (isset($_POST['login_submit'])) {
      if (!empty($_POST['login']) && !empty($_POST['password'])) {
         $auth = new auth();
         $auth->setLogin($_POST['login']);
         $auth->setPassword(sha1($_POST['password']));

         if ($auth->login('u_login,u_password,u_email,u_id_level', 'users', 'u_login', 'u_password')) {                 
            $_SESSION['back_office'] = array(
                                             'login' => $row->u_login,   // Error, $row is undefined
                                             'level' => $row->u_level,
                                             'email' => $row->u_email    
                                            );
         }
         else {
            message::showError('Compte non reconnu');
         }
      }
      else {
         message::showError('Veuillez remplir tous les champs');
      }
   }
?>

<form action="test.php" name="loginform" method="post">
   <input type="text" name="login" />
   <input type="password" name="password" />
   <input type="submit" name="login_submit" value="Se connecter" />
</form>

Only hashing a password with SHA1 is not enough, use bcrypt instead. See http://www.php.net/manual/en/function.password-hash.php — Marcel Korpel, Jul 20 '13 at 09:50
You have to return $row, so you can use your method. E.g.: `public function smth() { ... .... $row = $query->fetch(); return $row } ..... 'login' => $auth->smth->u_login;` — Royal Bg, Jul 20 '13 at 09:53

score 0 · Accepted Answer · answered Jul 20 '13 at 09:56

In your auth function you need to return row

if($query->rowCount() > 0){  
            $row = $query->fetch(PDO::FETCH_OBJ);                
            return $row;
        }else{
            return false;
        }

In your call assign the return value of login to $row

if (($row = $auth->login('u_login,u_password,u_email,u_id_level', 'users', 'u_login', 'u_password'))) {

score 0 · Answer 2 · answered Jul 20 '13 at 09:59

You have to return $row instead of return true

$row = $query->fetch(PDO::FETCH_OBJ);                
echo '<pre>';
print_r($row->u_login);
echo '</pre>';
return $row; // return true;

And you check like this

if($row = $auth->login('u_login,u_password,u_email,u_id_level', 
                       'users', 'u_login', 'u_password') !== false)

Then you can set value of $row

$_SESSION['back_office'] = array(
     'login' => $row->u_login,
     'level' => $row->u_level,
     'email' => $row->u_email    
);

score 0 · Answer 3 · answered Jul 20 '13 at 10:04

$row is not a global variable so you can't access from outside.

Between it's bad to make it global.

I will suggest you to put a variable called $authenticated_user for example.

Like that :

class auth {
    // ...
    protected $authenticated_user;
    //...
    public function login( // ... ) {
    // ...
       $authenticated_user = $query->fetch(PDO::FETCH_OBJ); 
    // ...
    }

    public getUser()
    { return $authenticated_user; }
}

In you Auth call part :

$row = $auth->getUser();

That's should be fine.

Undefined variable following a method call

3 Answers3