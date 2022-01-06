Php mysql novice to ninja, authentication class

PHP
#1

I keep getting this error message when I try to log in my project:
“Trying to get property ‘password’ of non-object in /home/vagrant/Code/Project/classes/Loo/Authentication.php on line 19
It is from this function:

public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
		if (!empty($user) && password_verify($password, $user.....//

everything else works fine… i have starred at for hours… everything looks as it should…
i really hope someone can help… $password stores $_POST[‘password’] from login form… when the function is called from Login.php…
public function processLogin() {
if ($this->authentication->login($_POST[‘email’], $_POST[‘password’])) {
header(‘location: /login/success’);
}… // $_POST is set… i tried to echo it…

#2

You cut off the part that would be needed to help you debug…

#3

ok here is the rest of the class… until the function that triggers the error…
the login function… It is first time i’m in here… thanks for replying

namespace Loo;

class Authentication {
	private $users;
	private $usernameColumn;
	private $passwordColumn;

	public function __construct(DatabaseTable $users, $usernameColumn, $passwordColumn) {
		session_start();
		$this->users = $users;
		$this->usernameColumn = $usernameColumn;
		$this->passwordColumn = $passwordColumn;
	}

	public function login($username, $password) {
		$user = $this->users->find($this->usernameColumn, strtolower($username));
	
		if (!empty($user) && password_verify($password, $user[0]->{$this->passwordColumn})) {
			session_regenerate_id();
			$_SESSION['username'] = $username;
			$_SESSION['password'] = $user[0]->{$this->passwordColumn};
			return true;
		}
		else {
			return false;
		}
	}
#4

Never put a password in sessions, here’s an example of my login

    public function login(): void
    {
        $sql = "SELECT id, hashed_password FROM " . static::$table . " WHERE username =:username LIMIT 1";

        $user = static::fetch_by_column_name($sql);

        if ($user && password_verify($this->password, $user['hashed_password'])) {
            unset($this->password, $user['hashed_password']);
            session_regenerate_id(); // prevent session fixation attacks
            static::$last_login = $_SESSION['last_login'] = time();
            $this->id = $_SESSION['id'] = $user['id'];
            header("Location: ../game.php");
            exit();
        }

        static::$error[] = 'Unable to login in!';

    }
#5

$user[0] appears to not have been an object.

What happens if you print_r($user) on the line before?

#6

I got it… I printed out line for line narrowed it down to this line…

$user[0]->$this->passwordColumn

…changed it to: $user[0][$this->passwordColumn]

…now it works…
thank you for taking the time too look at it…