0

I got an error while running this code Help me please To solve this problem thank you very much.

Notice: Undefined variable: conn in E:\xampp\htdocs\MyDataSet\loginApi.php on line 14 Warning: mysqli_query() expects parameter 1 to be mysql. null given in E:\xampp\htdocs\MyDataSet\loginApi.php on line 14.

<?php 
require('conn.php');
/*include connection fiele*/
header("Content-Type:Application/json");
header('Acess-Control-Allow-Origin:*');
header('Access-Control-Allow-Methodes:GET');
header('Access-Control-Allow-Heders:Access-Control-Allow-Heders,Access-Control-Allow- 
Methodes,Content-Type,Authorization,X-Requested-With');
/*header information*/
function login_function($mail,$pass)
{
    $query = "SELECT*FROM user WHERE email='$mail' AND password='$pass'";
    $result=(mysqli_query($conn,$query));
    if (mysqli_num_rows($result)>0) 
    {
        $json['status']=200;
        $json['message']='Login Successful';
        echo json_encode($json);
    }else{
        $json['status']=400;
        $json['message']='Wrong email or password';
        echo json_encode($json);
    }
}
if (isset($_GET['mail'],$_GET['pass']))
{
    $mail=$_GET['mail'];
    $pass=$_GET['pass'];
    if (!empty($mail)&& !empty($pass)) 
    {
        login_function($mail,$pass);
    }else{
        $json['status']=100;
        $json['message']='You must fill both fields';
        echo json_encode($json);
    }
}
?>
experimantal boye
  • 11
  • 2
  • `$conn` is out of scope. Also use parameterized queries with prepared statements, and dont use plain text passwords. You also should give spaces between operators, `SELECT*FROM` should be `SELECT * FROM` – user3783243 Jan 03 '21 at 13:50
  • Does this answer your question? [Reference: What is variable scope, which variables are accessible from where and what are "undefined variable" errors?](https://stackoverflow.com/questions/16959576/reference-what-is-variable-scope-which-variables-are-accessible-from-where-and) – user3783243 Jan 03 '21 at 13:51
  • 1
    **Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) – Dharman Jan 03 '21 at 13:53
  • Does this answer your question? [Mysqli query in function - PHP](https://stackoverflow.com/questions/16009164/mysqli-query-in-function-php) – Dharman Jan 03 '21 at 13:54
  • `if (isset($_GET['mail'],$_GET['pass']))` and `if (!empty($mail)&& !empty($pass)) ` are redundant. Just run the `!empty`s on the `GET`s. Currently your `isset` doesn't throw an error message as well. – user3783243 Jan 03 '21 at 13:55

0 Answers0