Php mysql novice to ninja, authentication class

I keep getting this error message when I try to log in my project:
“Trying to get property ‘password’ of non-object in /home/vagrant/Code/Project/classes/Loo/Authentication.php on line 19
It is from this function:

public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
		if (!empty($user) && password_verify($password, $user.....//

everything else works fine… i have starred at for hours… everything looks as it should…
i really hope someone can help… $password stores $_POST[‘password’] from login form… when the function is called from Login.php…
public function processLogin() {
if ($this->authentication->login($_POST[‘email’], $_POST[‘password’])) {
header(‘location: /login/success’);
}… // $_POST is set… i tried to echo it…

You cut off the part that would be needed to help you debug…

ok here is the rest of the class… until the function that triggers the error…
the login function… It is first time i’m in here… thanks for replying

namespace Loo;

class Authentication {
	private $users;
	private $usernameColumn;
	private $passwordColumn;

	public function __construct(DatabaseTable $users, $usernameColumn, $passwordColumn) {
		$this->users = $users;
		$this->usernameColumn = $usernameColumn;
		$this->passwordColumn = $passwordColumn;

	public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
		if (!empty($user) && password_verify($password, $user[0]->{$this->passwordColumn})) {
			$_SESSION['username'] = $username;
			$_SESSION['password'] = $user[0]->{$this->passwordColumn};
			return true;
		else {
			return false;

Never put a password in sessions, here’s an example of my login

    public function login(): void
        $sql = "SELECT id, hashed_password FROM " . static::$table . " WHERE username =:username LIMIT 1";

        $user = static::fetch_by_column_name($sql);

        if ($user && password_verify($this->password, $user['hashed_password'])) {
            unset($this->password, $user['hashed_password']);
            session_regenerate_id(); // prevent session fixation attacks
            static::$last_login = $_SESSION['last_login'] = time();
            $this->id = $_SESSION['id'] = $user['id'];
            header("Location: ../game.php");

        static::$error[] = 'Unable to login in!';


$user[0] appears to not have been an object.

What happens if you print_r($user) on the line before?

I got it… I printed out line for line narrowed it down to this line…


…changed it to: $user[0][$this->passwordColumn]

…now it works…
thank you for taking the time too look at it…

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.