1

I'm trying hard to get a user based on his id or email after he's logged in trough a form. The function is defined in a User.class.php and i want to call it on another php file called profile.php, but it continues giving me syntax errors and I don't see how to fix it..

Errors: Deprecated: Non-static method User::getUserId() should not be called statically Notice: Undefined variable: email in

User class is made clean with getters and setters,functions

Below is Profile.php and user class code:

<?php
 include_once("classes/User.class.php");
 include_once("classes/db.class.php");
 
try {
    $conn = Db::getInstance();
    $user = User::getUserId($email);


 
} catch (PDOException $e) {
    die("Could not connect to the database $dbname :" . $e->getMessage());
}


?>
<!DOCTYPE html>
<html>
    <head>
        <title>PHP MySQL Query Data Demo</title>
        <link href="css/bootstrap.min.css" rel="stylesheet">
        <link href="css/style.css" rel="stylesheet">
    </head>
    <body>
        <div id="container">
            <h1>Employees</h1>
            <table class="table table-bordered table-condensed">
                <thead>
                    <tr>
                        <th>Fullname</th>
                        <th>Username</th>
                        <th>Email</th>
                    </tr>
                </thead>
                <tbody>
                <div class="profile">
<h2><?php echo $user[0]['first_name'] ?>&nbsp;<?php echo $user[0]['last_name'] ?></h2>
    <p class="profile__text"><?php echo $user[0]['avatar'] ?></p>
    <p class="profile__text"><?php echo $user[0]['email'] ?></p>
    <p class="profile__text">***********</p>
    <p class="profile__text"><?php echo $user[0]['address'] ?></p>
</div>
                </tbody>
            </table>
    </body>
</div>
</html>
include_once('Db.class.php');
class User {

    private $email;
    private $username;
    private $fullname;
    private $password;


    public function getFullname()
    {
        return $this->fullname;
    }


    public function setFullname($fullname)
    {
        $this->fullname = $fullname;

        if(empty ($fullname)){
            throw new Exception("Please fill in your fullname");
        }
    }


    public function getUsername()
    {
        return $this->username;
    }


    public function setUsername($username)
    {
        $this->username = $username;

        if(empty ($username)){
            throw new Exception("Please fill in your username");
        }
    }


    public function setEmail($email)
    {
        $this->email = $email;

        if(empty ($email)){
            throw new Exception("Please fill in your E-mail adress");
        }
    }


    public function getEmail()
    {
        return $this->email;

    }


    public function setPassword($password)
    {
        if(strlen($password) < 8){
            throw new Exception("Password must be at least 8 characters long.");

        }
        //B-crypt the password
        $hash = password_hash($password,PASSWORD_DEFAULT);// standaard 10 keer als je geen options mee geeft
        $this->password = $hash;
        return true;
    }
    public function getPassword()
    {
        return $this->password;
    }

    public function register(){
        //connection
        $conn = Db::getInstance();
        //query (insert)
        $statement = $conn->prepare("insert into users (email, username, fullname, password) 
                            values(:email, :username, :fullname, :password)");

        $statement->bindParam(':fullname',$this->fullname);
        $statement->bindParam(':email',$this->email);
        $statement->bindParam(':username',$this->username);
        $statement->bindParam(':password',$this->password);
        //execute
        $result = $statement->execute();
        //return true/false
        return $result;
    }
    public function login() {
        if(!isset($_SESSION['loggedin'])) {
            //header('Location:login.php');
            echo $feedback = "thanks for creating an account.";
        }   
    }
    // ------------------------------------ LOGIN
    public function canILogin($email, $password) {
       //session_start()
        //already loggedin 
        if (isset($_SESSION['email'])) {
            header('Location: index.php');
        }

        //connection
        $conn = Db::getInstance();
        //query

        $statement = $conn->prepare("select * from users where email = :email");
        $statement->bindParam(":email", $email);
        //execute
        $statement->execute();

        $result = $statement->fetch(PDO::FETCH_ASSOC);

        if(password_verify($password, $result['password'])){
            return true;
        }
        else{
            throw new Exception('Ooopss something goes wrong... Try again!');
        }
    }

    //checken of we zijn ingelogd
    public static function checkLogin() {
            if(!isset($_SESSION)) {
                session_start();
            }
            if(!isset($_SESSION['username'])) {
                //header("Location: login.php");
            }
        }


        public function getUserId($email) {
            $conn = Db::getInstance();

            $statement = $conn->prepare("select * from users where email = '".$email."';");
            $statement->execute();
            $result = $statement->fetch();
            $userId = $result['id'];
            return $userId;
              }


              
      public function getAllFromUser($email) {
            $conn = Db::getInstance();

            $statement = $conn->prepare("select * from users where email = '".$email."';");
            $statement->execute();
            $result = $statement->fetch();
            return $userId;
              }



} // User class end
Distortion
  • 309
  • 2
  • 3
  • 12
  • You'll need to instantiate an object from the `User` class before you call the `getUserId()` method since that method hasn't been declared static... a.k.a `$user = User::getUserId($email);` is borked. – CD001 Apr 30 '18 at 10:38
  • Its not a static method. Your code is also wide open to SQL injection – Lawrence Cherone Apr 30 '18 at 10:38
  • The error is clear, your function `getUserId` is not static yet it is being called statically (`User::getUserId(...)`). – Script47 Apr 30 '18 at 10:38

1 Answers1

0

In your try/catch block at the top of your first file, you are not declaring a new instance and trying to use a static call. Change it to this:

$conn = new Db();
$dbInstance = $conn::getInstance();
$user = new User();
$userDetails = $user->getUserId($email);

I'm assuming that anything that you want to access in your Database will be through the $conn object, and any user information should be through the $user object. You are also sending the getUserId() method in the User class a variable that might not be in context. Assuming that you know that the $email variable is a valid email address, you should add this condition around the call:

if(is_string($email) && !empty($email)){
    $userDetails = $user->getUserId($email);
}
Shaun Bebbers
  • 179
  • 2
  • 12
  • 1
    You don't know whether `Db::getInstance()` is static or not since the code for that isn't displayed - and `getInstance()` **implies** that it's a Singleton pattern so that method probably *is* static; it's just `getUserId()` that's the issue. – CD001 Apr 30 '18 at 10:43
  • 1
    @CD001 In Db.class.php it's defined as an private static $conn & public static function getInstance() – Distortion Apr 30 '18 at 10:53
  • 1
    @Shaun Bebbers Tryed it it removes the 2 first errors but still this error: Undefined variable: email & Cannot use object of type User as array – Distortion Apr 30 '18 at 10:57
  • @CD001 -> you are correct that I don't know if the Db class has static methods or not. I don't use static in PHP at all these days. I will amend my answer on your feedback. Many thanks. – Shaun Bebbers Apr 30 '18 at 10:58
  • @Distortion -> how is the `getInstance()` method declared in your Db class? Also, you need to start dumping out your objects. Use `echo '
    ' . print_r($email, 1); die('
    ');` at the top of the try/catch block to see what the `$email` object is. If it's an array, they you need to sent the `getUserId()` method in your user class the correct element. Once that is determined, remove the `echo '
    ' . print_r($email, 1); die('
    ');` from your `try/catch` block     – Shaun Bebbers Apr 30 '18 at 11:06
  • @ShaunBebbers – Distortion Apr 30 '18 at 12:21