Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Variables not being passed to class method

Tags:

methods

php

class

I'm building a login class with PHP, but the variables used are empty when I pass them to the class method even though they shouldn't be. I tried returning only the $username variable but it's still empty, though if I return it without using the class I can see that it gets assigned correctly.

I'm using multiple other classes with methods where the variables gets assigned correctly.

I don't know if i've stared myself blind and am missing something obvious or if there's something else causing this.

class Auth
{
    private $mysqli;

    public function __construct(mysqli $mysqli)
    {
        $this->mysqli = $mysqli;
    }

    public function login($username, $password) //These variables are empty, even when they shouldn't be
    {
        $return['error'] = true;

        $uid = $this->getUserId(strtolower($username)); //Returns false because $username variable is empty

        if (!$uid) {
            $return['message'] = 'No such user.'; //Output
            return $return;
        }

        $user = $this->getUser($uid);

        if (!password_verify($password, $user['password'])) {
            $return['message'] = 'Password incorrect';
            return $return;
        }

        $return['error'] = false;
        $return['message'] = 'Logged in';

        return $return;
    }

    private function getUserId($username)
    {
        $stmt = $this->mysqli->prepare("SELECT id FROM users WHERE username = ?");
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($id);

        if ($stmt->num_rows < 1) {
            return false;
        }

        $stmt->fetch();

        return $id;
    }

    private function getUser($uid)
    {
        $stmt = $this->mysqli->prepare("SELECT username, password, email FROM users WHERE id = ?");
        $stmt->bind_param('s', $uid);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($username, $password, $email);

        if ($stmt->num_rows < 1) {
            return false;
        }

        $stmt->fetch();

        $return['uid'] = $uid;
        $return['username'] = $username;
        $return['password'] = $password;
        $return['email'] = $email;

        return $return;
    }
}

A form assigns the variables sent.

<form method="POST" action="post.php">
    <label>Username
    <input style="display:block;width:250px;" type="text" name="username" required></label>
    <label>Password
    <input style="display:block;width:250px;" type="password" name="password"></label>
    <button style="display:block;" class="default_btn">Log in</button>
</form>

if (isset($_POST['username'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $auth = new Auth($mysqli);
    $auth->login($username, $password);

    if ($auth->login()['error']) {
        echo 'error:' . $auth->login()['message'];
    } else {
        echo 'success:' . $auth->login()['message'];
    }
}

EDIT:

If I assign the variables in the class method the code works:

public function login($username = 'user', $password = 'pass')

But if I do this, it will not work:

$username = 'User';
$password = 'pass';

$auth = new Auth($mysqli);
$auth->login($username, $password);

Also, if I use the $_POST values outside of $auth->login() they are assigned so they are not empty when passing them to the class...

like image 591
Crs Avatar asked Oct 05 '15 09:10

Crs


1 Answers

The problem seems to be that you don't store the result and instead call login again without values: if ($auth->login()['error']) {.

Try this:

<form method="POST" action="post.php">
    <label>Username
    <input style="display:block;width:250px;" type="text" name="username" required></label>
    <label>Password
    <input style="display:block;width:250px;" type="password" name="password"></label>
    <button style="display:block;" class="default_btn">Log in</button>
</form>

if (isset($_POST['username'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $auth = new Auth($mysqli);
    $login_result = $auth->login($username, $password);

    if ($login_result['error']) {
        echo 'error:' . $login_result['message'];
    } else {
        echo 'success:' . $login_result['message'];
    }
}
like image 160
Darsstar Avatar answered Sep 29 '22 15:09

Darsstar