Php mysql novice to ninja, authentication class

aarnio · January 5, 2022, 8:22pm

I keep getting this error message when I try to log in my project:
“Trying to get property ‘password’ of non-object in /home/vagrant/Code/Project/classes/Loo/Authentication.php on line 19”
It is from this function:

public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
		if (!empty($user) && password_verify($password, $user.....//

everything else works fine… i have starred at for hours… everything looks as it should…
i really hope someone can help… $password stores $_POST[‘password’] from login form… when the function is called from Login.php…
public function processLogin() {
if ($this->authentication->login($_POST[‘email’], $_POST[‘password’])) {
header(‘location: /login/success’);
}… // $_POST is set… i tried to echo it…

DaveMaxwell · January 5, 2022, 8:25pm

You cut off the part that would be needed to help you debug…

aarnio · January 5, 2022, 8:41pm

ok here is the rest of the class… until the function that triggers the error…
the login function… It is first time i’m in here… thanks for replying

namespace Loo;

class Authentication {
	private $users;
	private $usernameColumn;
	private $passwordColumn;

	public function __construct(DatabaseTable $users, $usernameColumn, $passwordColumn) {
		session_start();
		$this->users = $users;
		$this->usernameColumn = $usernameColumn;
		$this->passwordColumn = $passwordColumn;
	}

	public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
	
		if (!empty($user) && password_verify($password, $user[0]->{$this->passwordColumn})) {
			session_regenerate_id();
			$_SESSION['username'] = $username;
			$_SESSION['password'] = $user[0]->{$this->passwordColumn};
			return true;
		}
		else {
			return false;
		}
	}

Pepster64 · January 5, 2022, 11:57pm

Never put a password in sessions, here’s an example of my login

    public function login(): void
    {
        $sql = "SELECT id, hashed_password FROM " . static::$table . " WHERE username =:username LIMIT 1";

        $user = static::fetch_by_column_name($sql);

        if ($user && password_verify($this->password, $user['hashed_password'])) {
            unset($this->password, $user['hashed_password']);
            session_regenerate_id(); // prevent session fixation attacks
            static::$last_login = $_SESSION['last_login'] = time();
            $this->id = $_SESSION['id'] = $user['id'];
            header("Location: ../game.php");
            exit();
        }

        static::$error[] = 'Unable to login in!';

    }

m_hutley · January 6, 2022, 2:28am

$user[0] appears to not have been an object.

What happens if you print_r($user) on the line before?

aarnio · January 6, 2022, 6:17am

I got it… I printed out line for line narrowed it down to this line…

$user[0]->$this->passwordColumn

…changed it to: $user[0][$this->passwordColumn]

…now it works…
thank you for taking the time too look at it…

system · April 7, 2022, 1:17pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.