0

This is my login.php

<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
include("config.php");
include("userClass.php");
$userClass = new userClass();

$errorMsgReg = '';
$errorMsgLogin = '';
/ * Login Form */

if (!empty($_POST['loginSubmit'])) {
    $usernameEmail = $_POST['usernameEmail'];
    $password = $_POST['password'];

    if (strlen(trim($usernameEmail)) > 1 && strlen(trim($password)) > 1) {

        $id = $userClass->userLogin($usernameEmail, $password);
        if(!$id)
        {
        echo "Not entering in userClass->Login";
        }

        if ($id) {
            // Not entering here
            $url = BASE_URL . 'welcome.php';          
            header("Location: $url");
        } else {
            echo "$id";
            $errorMsgLogin = "Please check login details.";

        }
     }
 }

And this is my userClass.php

<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
class userClass
{
    /* User Login */
    public function userLogin($usernameEmail,$password)
    {
        try{
            $db = getDB();

            $hash_password= hash('sha256', $password); //Password encryption
            $stmt = $db->prepare("SELECT id FROM doctorlocation WHERE (doctorusername=:usernameEmail or doctoremail=:usernameEmail) AND doctorpassword=:hash_password"); 

            $stmt->bindParam("usernameEmail", $usernameEmail,PDO::PARAM_STR) ;
            $stmt->bindParam("hash_password", $hash_password,PDO::PARAM_STR) ;
            $stmt->execute();
            $count=$stmt->rowCount();
            $data=$stmt->fetch(PDO::FETCH_OBJ);
            $db = null;
            if($count)
            {
                $_SESSION['usernameEmail']=$usernameEmail; 
                $_SESSION['id']=$data->id; // Storing user session value
                return true;
            }   
            else
            {   
                return false;
                } 
            }
            catch(PDOException $e) {
                echo '{"error":{"text":'. $e->getMessage() .'}}';
            }

        }

My connection file, config.php

<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
session_start();
/* DATABASE CONFIGURATION */
define('DB_SERVER', '******');
define('DB_USERNAME', '******');
define('DB_PASSWORD', '******');
define('DB_DATABASE', '*******');
define("BASE_URL", "******");



function getDB() 
{
$dbhost=DB_SERVER;
$dbuser=DB_USERNAME;
$dbpass=DB_PASSWORD;
$dbname=DB_DATABASE;
try {
$dbConnection = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass); 
$dbConnection->exec("set names utf8");
$dbConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

return $dbConnection;
}
catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}

}
?>

The error seems to be here $id = $userClass->userLogin($usernameEmail, $password);

It should be a small problem, cant seem to wrap my head around it. Any guidance would be helpful.

Thanks

AIS
  • 297
  • 1
  • 4
  • 16

1 Answers1

-1

Try creating your connection like this. Be sure to replace $json['MYSQL'][blah] with your connection info. 

    $this->PDOMYSQL = new PDO(
        'mysql:host='. $json['MYSQL']['HOST'] .';dbname='.$json['MYSQL']['DATABASE'].';charset=utf8mb4',
        $json['MYSQL']['USER'],
        $json['MYSQL']['PASS'],
        [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            PDO::ATTR_EMULATE_PREPARES   => TRUE
        ]
    );

Edit

NVM I just noticed that :usernameEmail != usernameEmail.

Change 

    $stmt->bindParam("usernameEmail", $usernameEmail,PDO::PARAM_STR) ;
    $stmt->bindParam("hash_password", $hash_password,PDO::PARAM_STR) ;

To

    $stmt->bindParam(":usernameEmail", $usernameEmail,PDO::PARAM_STR) ;
    $stmt->bindParam(":hash_password", $hash_password,PDO::PARAM_STR) ;

You are missing the :.

bassxzero
  • 4,838
  • 22
  • 34