Click here to Skip to main content
15,868,016 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
Hi everyone! I have a problem and I don't know why it happens, this is the error

Quote:
Fatal error: Undetected error: calling a member function bind_param () in bool at C: \ xampp \ htdocs \ clinica \ logging .php: 10 Stack trace: # 0 {main} released in C: \ xampp \ htdocs \ clinic \ logearse.php on line 10


And this is my code:
<?php
   // login
  include ("connex.php");
  session_start ();
  
   $ name = $ _ POST ['name'];
   $ pass = $ _ POST ['pass'];
   
    $ sql = $ conn- & gt; prepare ('SELECT * FROM user WHERE name =? pass =?');
   $ sql- & gt; bind_param ('ss', $ name, $ pass);  HERE'S THE PROBLEM 
   $ sql-execute ();
   $ result = $ sql- & gt; get_result ();
   
   if ($ row = $ result-> fetch_assoc ()) {
$ _SESSION ['name'] = $ name;
header ("location: home.php");
   }the rest{
header ("register.php");
   }
 
? & gt;


What I have tried:

I tried some things, but I dont why but happened, very thanks!.
Posted
Updated 22-Nov-21 21:46pm

1 solution

The obvious problem is that you have a syntax error in your SELECT statement - you need an And between the two conditions in your WHERE clause.
PHP
$sql = $conn->prepare('SELECT * FROM user WHERE name = ? AND pass = ?');

The slightly less obvious problem is that you are storing passwords incorrectly:
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP even has built-in functions to help you do the right thing:
PHP: password_hash[^]
PHP: password_verify[^]

If this is a real-world application, you need to fix that urgently - unless you have really deep pockets to pay the gigantic fines you'll be hit with for not handling your users' data securely.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900