0

I have searched for a long time on this topic and have had no results. Here is my code...

<?php

  session_start();

  if (isset($_SESSION["status"]) && $_SESSION["status"] === true) {
    header("location: ../index.php");
    exit;
  }

  require_once "config.php";

  $email = $password = "";
  $email_err = $password_err = "";

  if ($_SERVER["REQUEST_METHOD"] == "POST") {

    if (empty(trim($_POST["email"]))) {
      $email_err = "Please enter a valid email address. ";
    } else {
      $email = trim($_POST["email"]);
    }

    if (empty(trim($_POST["password"]))) {
      $password_err = "Please enter a valid password. ";
    } else {
      $password = trim($_POST["password"]);
    }

    if (empty($email_err) && empty($password_err)) {

      $sql = "SELECT id, email, passsword, key FROM users WHERE email = ?";

      if ($stmt = mysqli_prepare($link, $sql)) {

        mysqli_stmt_bind_param($stmt, "s", $param_email);

        $param_email = $email;

        if (mysqli_stmt_execute($stmt)) {

          mysqli_stmt_store_result($stmt);

          if (mysqli_stmt_num_rows($stmt) == 1) {

            mysqli_stmt_bind_result($stmt, $id, $email, $hashed_password, $key);

            if (mysqli_stmt_fetch($stmt)) {

              if (password_verify($password, $hashed_password)) {

                session_start();

                $_SESSION["status"] = true;
                $_SESSION["id"] = $id;
                $_SESSION["email"] = $email;
                $_SESSION["key"] = $key;

                header("location: ../index.php");

              } else {

                $password_err = "The password you entered was not valid.";
                echo $password_err;

              }

            }

          } else {

            $email_err = "No accont was found with that email address.";
            echo $email_err;

          }

        } else {

          echo "Oops! Something went wrong. Please try again later.";

        }

        mysqli_stmt_close($stmt);

      }

    }

    mysqli_close($link);

  }

?>

<!DOCTYPE html>
<html lang="en">
  <head>
    <link rel="stylesheet" href="../css/login.css">
    <title></title>
  </head>
  <body>
    <div class="login-form">
      <h1>Login</h1>
      <div class="container">
        <form action="" method="post">
          <input type="email" name="email" placeholder="Type your email here...">
          <input type="password" name="password" placeholder="Type your password here...">
          <button type="submit">Login</button>
        </form>
      </div>
    </div>
  </body>
</html>

When I run this code and try to login I get nothing. It just reloads the page. I have since added some echo functions in different places to see where it breaks and it seems to break at this if ($stmt = mysqli_prepare($link, $sql)). I added the link after this if statement to echo $stmt and it returns

Notice: Undefined variable: stmt

I modified this code from a tutorial which I have successfully used before but I'm not sure what's different this time. My PHP version is 7.4 and my MySQL is 8.0.19. A connection has been successfully made with the database as I ran the config file separately and it returned true. Can anyone help with this?

myname
  • 1
  • 2
  • 1
    Try `echo`ing $email_err or $password_err. Your `if (empty($email_err) && empty($password_err))` doesn't have an "else". So my guess is that there is an email or password error event... because it would explain why that block doesn't run. – Jeff Vdovjak Feb 26 '20 at 01:37
  • 1
    Your Notice of $stmt being undefined is because you call it before you set it. – Jeff Vdovjak Feb 26 '20 at 01:38
  • _I modified this code from a tutorial_ . You got from this ? [Tutorial Republic-PHP MySQL Login System](https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php) . if yes, please try to change the example code from **Procedural** to **Object Oriented** . – Citizen Patrol Feb 26 '20 at 02:00
  • You're also using a mysql reserved word, being `key`. Either rename it to one that isn't reserved or use ticks `\`` around it. – Funk Forty Niner Feb 26 '20 at 02:14

0 Answers0