0

someone can help me for this problem please ? I don't understand why it happened.

Javascript code :

     login = () => {
          const {username,userPassword} = this.state;
          fetch('http://192.168.43.171:8080/SERVEURWEB_SMARTCAGE/php/connexion-verif_massi.php',{
            method:'post',
            header:{
                'Accept': 'application/json',
                'Content-type': 'application/json'
            },
            body:JSON.stringify({
                nom: username,
                password: userPassword,

            })
          })
          .then((Response) => Response.json())
          .then((ResponseJson)=>{
              if(ResponseJson == "entraineur"){
                this.props.navigation.navigate('EntraineurInterface');
              }
              else if(ResponseJson == "joueur"){
                this.props.navigation.navigate('JoueurInterface');
              }
              else{
                alert("Je rentre pas dans la boucle");
                console.log(ResponseJson);
              }
          })
          .catch((error)=>{
              console.error(error);
          })
      }

PHP CODE

<?php
// Importing DBConfig.php file.
include 'config.php';
$json = file_get_contents('php://input');
$obj = json_decode($json,true);
// Populate User nom from JSON $obj array and store into $nom.
$nom = $obj['nom']; 
// Populate Password from JSON $obj array and store into $password.
$password = hash('sha256',$obj['password']);


//Connexion to database and verif the data send by the application
if ($obj['nom']!=""){
    $result = $bdd->query("SELECT * FROM utilisateurs WHERE nom = '$nom' and password = '$password'");
        if ($result->rowCount()==0){
            echo json_encode('Mauvaises Informations');
        }
        else{
            $userinfo = $result->fetch();
            if($userinfo['type'] == 'entraineur'){
            echo json_encode('entraineur');
            }
            else($userinfo['type'] == 'joueur'){
            echo json_encode('joueur');
            }
        }
}
else{
    echo json_encode('reessayer');
}
?>

error :

JSON Parse error: Unrecognized token '<' at node_modules\react-native\node_modules\promise\setimmediate\core.js:37:13 in tryCallOne at node_modules\react-native\node_modules\promise\setimmediate\core.js:123:24 in setImmediate$argument_0 at node_modules\react-native\Libraries\Core\Timers\JSTimers.js:123:14 in _callTimer at node_modules\react-native\Libraries\Core\Timers\JSTimers.js:177:14 in _callImmediatesPass at node_modules\react-native\Libraries\Core\Timers\JSTimers.js:437:30 in callImmediates at node_modules\react-native\Libraries\BatchedBridge\MessageQueue.js:388:6 in __callImmediates at node_modules\react-native\Libraries\BatchedBridge\MessageQueue.js:132:6 in __guard$argument_0 at node_modules\react-native\Libraries\BatchedBridge\MessageQueue.js:365:10 in __guard at node_modules\react-native\Libraries\BatchedBridge\MessageQueue.js:131:4 in flushedQueue

I hope someone can help me with this problem.

brombeer
  • 8,716
  • 5
  • 21
  • 27
Massi
  • 11
  • 1
    MOST times you get a "<" in a JSON string, you actually get a 404 or other error HTML page so look in the network tab and look to see if you have correctly enabled CORS – mplungjan Mar 23 '22 at 14:40
  • You have a syntax error because you cannot have a qualifier on the `else` block. Therefore you're not getting a valid response from the PHP. If you'll look at the response in the Network tab of your browser's Developer tools, you'll see exactly what you're getting from the server. – aynber Mar 23 '22 at 14:41
  • **Warning:** Your code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. http://bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli / PDO. **Never** insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data. – ADyson Mar 23 '22 at 14:44
  • See also: [How can I prevent SQL injection in PHP?](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) . Parameterising your queries will also greatly reduce the risk of accidental syntax errors as a result of un-escaped or incorrectly quoted input values (e.g. a simple `'` in one of your input variables would break your SQL query right now!). If you learnt your current technique from a tutorial or book, please don't use it again. – ADyson Mar 23 '22 at 14:45
  • Also, please don't make your own password hashing routine - that is potentially another security risk. Learn about PHP's built-in, up-to-date, secure [password hashing and verification functions](https://www.php.net/manual/en/faq.passwords.php) instead. – ADyson Mar 23 '22 at 14:45
  • `else($userinfo['type'] == 'joueur'){` ...perhaps you meant `elseif($userinfo['type'] == 'joueur'){` . Always a) turn on PHP error logging and check the log file, or b) at least have error reporting into the output switched on, and then (in the case of an AJAX request) check the browser's Network tool to see what the full response from the PHP script was, in the case it failed to parse that response as JSON. Then you can see what the actual error was, rather than what you're seeing now which is merely a secondary consequence of the real problem. – ADyson Mar 23 '22 at 14:48
  • Thanks a lot ! Yes I've forgot the if after the else and it work. And thanks to other people to explain me the problem about security – Massi Mar 25 '22 at 12:25

0 Answers0