not redirecting to the reference page

Question

class User{
protected $pdo;
function __construct($pdo){
    $this->pdo = $pdo;
}
public function checkInput($var){
    $var = htmlspecialchars($var);
    $var = trim($var);
    $var = stripcslashes($var);
    return $var;
}

and here it show Only variables should be passed by reference

public function login ($email, $password){
$stmt = $this->pdo->prepare("SELECT 'user_id' FROM 'users' WHERE 'email' = :email AND 'password' = :password");
$stmt ->bindParam(":email", $email, PDO::PARAM_STR);
$stmt ->bindParam(":password", md5($password), PDO::PARAM_STR);
$stmt ->execute();

$user = $stmt->fetch(PDO::FETCH_OBJ);
$count = $stmt->rowCount();

here the redirecting page not reloads just shows the html error

if ($count > 0) {
    $_SESSION['user_id'] = $user ->user_id;
    header('Location: home.php');
}else{
    return false;
}

} }

Which "html error"? (Also, md5 is unsuitable for password hashing – see http://php.net/manual/en/faq.passwords.php and [`password_hash`](https://secure.php.net/manual/en/function.password-hash.php)) — cfillion, Jun 18 '18 at 01:34
Specifically what error? Put the contents of the error here. — Jordan Soltman, Jun 18 '18 at 01:38
Notice: Only variables should be passed by reference in C:\xampp\htdocs\test\core\classes\user.php on line 18 — satendra singh, Jun 18 '18 at 01:40
https://stackoverflow.com/questions/42246668/only-variables-should-be-passed-by-reference-need-some-help-php — cfillion, Jun 18 '18 at 01:47
after using the same function the error not shows but now it not matches the value of db and shows the error of condition and not redirects to referal page — satendra singh, Jun 18 '18 at 01:53

score -1 · Accepted Answer · answered Jun 18 '18 at 04:46

-1

It seems that your bind_params second parameter are reference. In strict standard this should be variables so this code

$stmt ->bindParam(":password", md5($password), PDO::PARAM_STR);

Should be

 $hashed_pass =  md5($password);
 $stmt ->bindParam(":password", $hashed_pass , PDO::PARAM_STR);

The same goes if you use password_hash instead of md5

You may read this question for more information Strict Standards: Only variables should be passed by reference

answered Jun 18 '18 at 04:46

keysl

2,127
1
12
16

now sql not runs to match the data and shows the error – satendra singh Jun 18 '18 at 12:04
now it not connects the databse and shows the error how to fix it – satendra singh Jun 19 '18 at 02:45

not redirecting to the reference page

1 Answers1