Wikipedia:Reference desk/Archives/Computing/2017 November 2

Add links
From Wikipedia, the free encyclopedia
Computing desk
< November 1 << Oct | November | Dec >> November 3 >
Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.


November 2[edit]

PHP question[edit]

My code for login page handling for multiple concurrent users is failing miserably at the password_verify() funtion line with message Catchable fatal error: Object of class stdClass could not be converted to string in E:\xampp\htdocs\codd\c30.php on line 22 

<?php 

$dsn = "mysql:dbname=userdetails;host=localhost;port=3306";
$username2 = "%";$password2 = "";


try
{
$userid=$_POST["username"];
$password=$_POST["password"];
$secpass=password_hash($password,PASSWORD_DEFAULT);
$con5=new PDO($dsn, $username2, $password2);
$con5->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$con5->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);$con5->beginTransaction();
$stmt7=$con5->prepare("SELECT password FROM user_data WHERE userid='$userid'");
$stmt7->execute();
$result['password']=$stmt7->fetch(PDO::FETCH_OBJ);$con5->commit();
if(password_verify($secpass,$result['password'])&& isset($_POST['Login']) && isset($_POST['username'])&& isset($_POST['password']))
{
	echo "your password matches";
}
else
{
   echo "youhavetologin again";
}
}
catch(ErrorException $e)

{
    $e->getMessage();
}

	finally{

unset($_POST['Login']);unset($_POST['username']);unset($_POST['password']); $con5=NULL;
	}
?>

Replacing if(password_verify($secpass,$result['password']) with if(password_verify($secpass,$result->password yields Warning: password_verify() expects parameter 2 to be string, object given in E:\xampp\htdocs\codd\c30.php on line 19 youhavetologin again Please provide substitute code suggestion — Preceding unsigned comment added by Wrought2 (talkcontribs) 09:56, 2 November 2017 (UTC)[reply]

The problem is that you're not handling the return value from $stmt7->fetch correctly. The fetch method returns an array (indexed by column name), but you're assigning it to an element of $result, not to $result itself. Try instead:
$result=$stmt7->fetch(PDO::FETCH_OBJ);$con5->commit();
and keep your original code for the call to password_verify. The relevant page of the PHP manual is here. Tevildo (talk) 17:30, 2 November 2017 (UTC)[reply]
A quick follow-up:
$result=$stmt7->fetch(PDO::FETCH_ASSOC);$con5->commit();
will explicitly return an array rather than an anonymous object, which will be a better match to the rest of your code. Tevildo (talk) 17:35, 2 November 2017 (UTC)[reply]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Wikipedia:Reference_desk/Archives/Computing/2017_November_2&oldid=852275871"