Notice: Only variables should be passed by reference [duplicate]

Question

The following is my PHP code.

<?php
session_start();

if(isset($_SESSION['user_id'])) {
    header("Location: /");
}

require 'database.php';

$message = '';

    if(!empty($_POST['email']) && !empty($_POST['password'])):
        //Enter the new user in the database.
        $sql ="INSERT INTO users (email, password) VALUES(:email, :password)";
        $stmt = $conn->prepare($sql);

        $stmt->bindParam(':email', $_POST['email']);
        $stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));
        if ($stmt->execute()):
            $message = 'successfully created new user';
        else:
            $message = 'Sorry there must have been an issue creating your an account.';
        endif;
    endif;

It shows an error saying that:

Notice: Only variables should be passed by reference in C:\xampp\htdocs\auth\register.php on line 17

On line 17, this following code lies:

$stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));

Any idea what the problem is and what Only variables should be passed by reference means?

Answer 1

bind_param takes values by reference. It does this by looking at the variable you're passing and pointing at the innards directly.

In your call, you're returning the string result of a function call - password_hash in this case. Because there's no variable involved, there are no innards to point to. PHP is whining about not being able to pass the data by reference as a result.

You will need to stick the result of the function call into a variable, then pass that variable into the bind instead.

Try this:

$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$stmt->bindParam(':password',$password );

Credit: Here