-1

creating a log in page where if a user is already logged in they are redirected to the home page, however upon execution I get the error code :

call to a member function isloggiedin() on string

what am I doing wrong here?

<?php
include "H:\p3t\phpappfolder\public_php\FYP\includes\api\config\database.php";


if(User::is_loggedin()!="") 
{
    $user->redirect('home.php');
}

if(isset($_POST['btn-login'])) // line  11 where new error exists
{
    $user = $_POST['username'];
    $password = $_POST['password'];

    if(User::login($user,$password))
    {
        $user->redirect('home.php');
    }
    else
    {
        $error = "Wrong Details !";
    }
}
?>

the following code may also help as it is my class.user.php file:

<?php
class USER
{
    private $db;

    function __construct($DB_con)
    {
        $this->db = $DB_con;
    }



    public function login($user,$password)
    {
        try
        {
            $stmt = $this->db->prepare("SELECT * FROM user WHERE user_name=:username OR user_email=:password LIMIT 1");
            $stmt->execute(array(':username'=>$user, $password));
            $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
            if($stmt->rowCount() > 0)
            {
                if(password_verify($password, $userRow['user_pass']))
                {
                    $_SESSION['user_session'] = $userRow['user_id'];
                    return true;
                }
                else
                {
                    return false;
                }
            }
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }
    }

    public function is_loggedin()
    {
        if(isset($_SESSION['user_session']))
        {
            return true;
        }
    }

    public function redirect($url)
    {
        header("Location: $url");
    }

    public function logout()
    {
        session_destroy();
        unset($_SESSION['user_session']);
        return true;
    }
}
?>

as you can see I have the function "isloggedin" so I don't understand why I am getting the error

after following the advice in the answer I was presented with the error message :

Parse error: syntax error, unexpected 'if' (T_IF) in H:\p3t\phpappfolder\public_php\FYP\includes\api\login.php on line 11

Barmar
  • 741,623
  • 53
  • 500
  • 612
w.doe
  • 9
  • 4
  • 1
    `$user` is clearly a string and not an object or an instance of the USER class. How could you think this would work? – John Conde Feb 28 '19 at 17:53
  • In your method `login`, your code in `$stmt->execute...` would need to pass the password as the correct key as well - BUT you should learn to use [`password_hash`](https://stackoverflow.com/questions/30279321/how-to-use-password-hash) – Nigel Ren Feb 28 '19 at 18:13
  • The user class is never instantiated in your code, and as @JohnConde said, you assigned the string output of `$_POST['username']`. You can't use `$user` as both a class and a variable for username. – tshimkus Feb 28 '19 at 18:20

1 Answers1

0

$user is the string parameter, not a User object, so you can't use $user->is_loggedin().

The is_loggedin() method doesn't use any class properties, so it can be a static method.

public static function is_loggedin()
{
    return isset($_SESSION['user_session']);
}

Then you can use

if (User::is_loggedin())

Also, you shouldn't set $user and $password before 

if (isset($_POST['btn-login']))
Barmar
  • 741,623
  • 53
  • 500
  • 612
  • Thank you, I was able to get passed the error however now I am faced with a syntax error which states the following: unexpected if on line 13 ( if (isset($_POST['btn-login'])) ) – w.doe Feb 28 '19 at 18:06
  • I don't see anything wrong with that, the problem could be on the line before it. Post the exact error message in the question. – Barmar Feb 28 '19 at 18:09
  • BTW, the word is "past", not "passed". – Barmar Feb 28 '19 at 18:09
  • thank you for the correction, I have updated the question – w.doe Feb 28 '19 at 18:15
  • That usually means you didn't terminate things properly on the previous line. – Barmar Feb 28 '19 at 18:17
  • Like forgetting the `;` at the end of the previous statement. – Barmar Feb 28 '19 at 18:18
  • I don't think that's the case because when I have tried to remedy the error for example adding a ";" the error remains the same, when I remove the if statement that is causing the error it is replaced by another error stating the else statement is unneccesary – w.doe Feb 28 '19 at 18:23
  • Add the new code to the question, I can't tell what's wrong without seeing it. – Barmar Feb 28 '19 at 18:24
  • please ignore my previous statement, you were right, thank you for the help again really appreciated – w.doe Feb 28 '19 at 18:26