-1

I have a PHP file in which there is a function which is used to check the user input-output but somehow that is not working and when I debug it then there is an error as 'Call to undefined method mysqli_stmt::get_result' here is function code 

 public function getUserByEmailAndPassword($email, $password) {

      $stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");

       $stmt->bind_param("s", $email);

     if ($stmt->execute()) {
         $user = $stmt->get_result()->fetch_assoc();
         $stmt->close();


        // verifying user password
        $salt = $user['salt'];
        $encrypted_password = $user['encrypted_password'];
        $hash = $this->checkhashSSHA($salt, $password);
        // check for password equality
        if ($encrypted_password == $hash) {
            // user authentication details are correct
            return $user;
        }
    } else {
        return NULL;
    }
}

and I don't have mysqlnd enabled on my hosting provider's server and I can't enable it right now because hosting company won't provide me SSL certificate, so there has to find some alternative way for the same and also not to change the outcome too, and I have tried this Call to undefined method mysqli_stmt::get_result answer but no luck as I am relatively new to the PHP and cannot deduce that answer to use with my condition and have tried other ansers than accepted answer but they are not working for unknown reasons, that is the reason I had to ask it here.... any help would be appreciated...thanks here is the whole code in which above function lies

<?php class DB_Functions {

private $conn;

// constructor
function __construct() {
    require_once('DB_Connect.php'); 
    // connecting to database
    $db = new Db_Connect();
    $this->conn = $db->connect();
}

// destructor
function __destruct() {

}

/**
 * Storing new user
 * returns user details
 */
public function storeUser($name, $email, $password) {
    $uuid = uniqid('', true);
    $hash = $this->hashSSHA($password);
    $encrypted_password = $hash["encrypted"]; // encrypted password
    $salt = $hash["salt"]; // salt

    $stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES(?, ?, ?, ?, ?, NOW())");
    $stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt);
    $result = $stmt->execute();
    $stmt->close();

    // check for successful store
    if ($result) {
        $stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();

        return $user;
    } else {
        return false;
    }
}

/**
 * Get user by email and password
 */
public function getUserByEmailAndPassword($email, $password) {

      $stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");

       $stmt->bind_param("s", $email);

     if ($stmt->execute()) {
         $user = $stmt->get_result()->fetch_assoc();
         $stmt->close();


        // verifying user password
        $salt = $user['salt'];
        $encrypted_password = $user['encrypted_password'];
        $hash = $this->checkhashSSHA($salt, $password);
        // check for password equality
        if ($encrypted_password == $hash) {
            // user authentication details are correct
            return $user;
        }
    } else {
        return NULL;
    }
}

/**
 * Check user is existed or not
 */
public function isUserExisted($email) {
    $stmt = $this->conn->prepare("SELECT email from users WHERE email = ?");

    $stmt->bind_param("s", $email);

    $stmt->execute();

    $stmt->store_result();

    if ($stmt->num_rows > 0) {
        // user existed 
        $stmt->close();
        return true;
    } else {
        // user not existed
        $stmt->close();
        return false;
    }
}

/**
 * Encrypting password
 * @param password
 * returns salt and encrypted password
 */
public function hashSSHA($password) {

    $salt = sha1(rand());
    $salt = substr($salt, 0, 10);
    $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
    $hash = array("salt" => $salt, "encrypted" => $encrypted);
    return $hash;
}

/**
 * Decrypting password
 * @param salt, password
 * returns hash string
 */
public function checkhashSSHA($salt, $password) {

    $hash = base64_encode(sha1($password . $salt, true) . $salt);

    return $hash;
}  } ?>

the login file which uses above functions to check the conditions

<?php require_once 'include/DB_Functions.php';

$db = new DB_Functions(); $response = array("error" => FALSE);

if (isset($_POST['email']) && isset($_POST['password'])) {

$email = $_POST['email'];
$password = $_POST['password'];

// get the user by email and password
$user = $db->getUserByEmailAndPassword($email, $password);

if ($user != false) {
    // use is found
    $response["error"] = FALSE;
    $response["uid"] = $user["unique_id"];
    $response["user"]["name"] = $user["name"];
    $response["user"]["email"] = $user["email"];
    $response["user"]["created_at"] = $user["created_at"];
    $response["user"]["updated_at"] = $user["updated_at"];
    echo json_encode($response);
} else {
    // user is not found with the credentials
    $response["error"] = TRUE;
    $response["error_msg"] = "Login credentials are wrong. Please try again!";
    echo json_encode($response);
}

} ?>

meanwhile i tried to work with PDO to get mysqli out of equation but that is also returning no queries is well

 public function getUserByEmailAndPassword($email, $password) {
         $dsn = 'mysql:host=hostname; dbname=dbname';
         $user = username;
         $password = password;
        $db= new PDO($dsn, $user, $password);

          $params = array(':email' => $email,':password'=>$password );

          $stm = $db->prepare('SELECT * FROM users WHERE email= :email AND password= :password');
         if($stm->execute($params)){
          $user = $stm->fetch(PDO::FETCH_ASSOC);

        // verifying user password
        $salt = $user['salt'];
        $encrypted_password = $user['encrypted_password'];
        $hash = $this->checkhashSSHA($salt, $password);
        // check for password equality
        if ($encrypted_password == $hash) {
            // user authentication details are correct
            return $user;
        }
    } else {
        return NULL;
    }
}
Prakash
  • 1
  • 6
  • It did not work in my case somehow , I tried this also – Prakash Nov 29 '17 at 21:53
  • Do you have a connection within the function scope? You need more conditional checks earlier than where the error occurs. Prove to yourself (and us) that you have successfully connected to your database before writing your `stmt`. If this doesnt fix the issue, please update your post to show your latest coding attempt. – mickmackusa Nov 30 '17 at 02:04
  • yes the whole file script is right and i have tried this on my localhost where mysqlnd is enabled so it worked perfectly but as i took it to live servers then problem started and btw it tried to convert it to PDO but again it is returning nothing for further processing – Prakash Nov 30 '17 at 09:30
  • Please update your question to reflect the fact that you have written conditional checks. This eliminates possible issues when there are no prior errors. – mickmackusa Nov 30 '17 at 09:34
  • should i post whole code then – Prakash Nov 30 '17 at 09:37
  • Can... you... write... if... conditions... to... verify... the... connection... is... successful? – mickmackusa Nov 30 '17 at 09:54
  • the connection is through another script named as DB_Connect and I have referenced that file in my code so the connection is successful and the return is not null actually the functions of this files are used by other login and register files and the register one is working perfectly the problem is with login file – Prakash Nov 30 '17 at 10:17
  • `storeUser ()` queries work without errors? It is not using `$stmt->store_result();`. – mickmackusa Nov 30 '17 at 10:36
  • yes that's why I am more confused – Prakash Nov 30 '17 at 10:59
  • Try modifying your script to use bind_result and name your SELECT columns. Or try unchaining `$stmt->get_result()->fetch_assoc();` and write it over two lines. – mickmackusa Nov 30 '17 at 11:10
  • sorry but I don't know how to change my code in bind_result and yes re-chaining does not work... – Prakash Nov 30 '17 at 11:23
  • You are not willing to read the php manual on bind_result? Are you a web developer? – mickmackusa Nov 30 '17 at 11:50
  • actually, most of the times I work on android so not much PHP , I know but I have read manual on bind_result and tried to change my code accordingly ,I will post my code to let you know – Prakash Nov 30 '17 at 11:53

1 Answers1

0

get_result is only available with the native drive (mysqlnd)

Use store_result instead.

http://php.net/manual/en/mysqli.store-result.php

spencer7593
  • 99,718
  • 14
  • 99
  • 122
  • I know this is bad practice but would you just guide me into this with my question in mind or tell me how exactly I need to change that particular line actually I don't understand PHP that much ... – Prakash Nov 29 '17 at 21:51
  • You should attempt to self-solve with this advice too. – mickmackusa Nov 30 '17 at 12:12