Skip to content
Advertisement

My index.html PHP page will not load when my login code is present

I watched a tutorial to build out a registration / login page. The register.php page works fine and writes new users to my mysql database. The index.html page will not load at all for data entry as written (but doesn’t give me a specific error). I have checked it against the tutorial. I ran the code through a code checker and it didn’t pick up on anything. I have copied the entire page code at the bottom of this question. If I remove the section of code I copied in the top entry, the page will at least load so I assume the error lies in that part of the code.

INDEX.PHP WILL LOAD WITHOUT THIS SECTION OF CODE

if(isset($_REQUEST['login_btn'])){
        $email = filter_var(strtolower($_REQUEST['email']),FILTER_SANITIZE_EMAIL); //strtolower changes email to all lower case
        $password = strip_tags($_REQUEST['password']);

        if(empty($email)){
            $errorMsg[] = 'Must enter email';
        }
        else if(empty($password)){
            $errorMsg[] = 'Must enter password';
        }  
        else{
            try{
            $select_stmt = $db->prepare("SELECT * from users WHERE email = :email LIMIT 1");
            $select_stmt->execute([
                ':email' => $email
            ]);
            $row = $select_stmt->fetch(PDO::FETCH_ASSOC);

            if(select_stmt->rowCount() > 0){
                if(password_verify($password,$row["password"])){

                    $_SESSION['user']['firstname'] = $row["firstname"];
                    $_SESSION['user']['email'] = $row["email"];
                    $_SESSION['user']['user'] = $row["userid"];

                    header("location: welcome.php");
            }
            else{
                $errorMsg[] = "Wrong Email or Password";                
            }
        }
        else{
            $errorMsg[] = "Wrong Email or Password";
        } 
    }        
    catch(PDOException $e){
        echo $e->getMessage();
        }

    }
     
}

THE CODE BELOW IS THE FULL INDEX.PHP PAGE

    <?php
require_once '../../db_php/dbconnection.php';
session_start();

if( isset($_SESSION['user']) ){
    header("location: welcome.php");
}

if(isset($_REQUEST['login_btn'])){
        $email = filter_var(strtolower($_REQUEST['email']),FILTER_SANITIZE_EMAIL); //strtolower changes email to all lower case
        $password = strip_tags($_REQUEST['password']);

        if(empty($email)){
            $errorMsg[] = 'Must enter email';
        }
        else if(empty($password)){
            $errorMsg[] = 'Must enter password';
        }  
        else{
            try{
            $select_stmt = $db->prepare("SELECT * from users WHERE email = :email LIMIT 1");
            $select_stmt->execute([
                ':email' => $email
            ]);
            $row = $select_stmt->fetch(PDO::FETCH_ASSOC);

            if(select_stmt->rowCount() > 0){
                if(password_verify($password,$row["password"])){

                    $_SESSION['user']['firstname'] = $row["firstname"];
                    $_SESSION['user']['email'] = $row["email"];
                    $_SESSION['user']['user'] = $row["userid"];

                    header("location: welcome.php");
            }
            else{
                $errorMsg[] = "Wrong Email or Password";                
            }
        }
        else{
            $errorMsg[] = "Wrong Email or Password";
        } 
    }        
    catch(PDOException $e){
        echo $e->getMessage();
        }

    }
     
}

?>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-KyZXEAg3QhqLMpG8r+8fhAXLRk2vvoC2f3B09zVXn8CA5QIVfZOJ3BCsw2P0p/We" crossorigin="anonymous">
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.bundle.min.js" integrity="sha384-U1DAWAznBHeqEIlVSCgzq+c9gqGAJn5c/t99JyeKa9xxaYpSvHU5awsuZVVFIhvj" crossorigin="anonymous"></script>
    <title>Fireytech Database Home</title>
    <link rel="stylesheet" href="css/style.css">
</head>
<body>
    <div class="container">
<?php

            if( isset($errorMsg) ){
                foreach($errorMsg as $loginError){
                echo "<p class='alert alert-danger'>".$loginError."</p>";
            }
        }
?>        
        <form action="index.php" method="post">
      <div class="mb-3">
          <label for="email" class="form-label">Email address</label>
          <input type="email" name="email" class="form-control" placeholder="Enter Email">
        </div>
        <div class="mb-3">
          <label for="password" class="form-label">Password</label>
          <input type="password" name="password" class="form-control" placeholder="Enter Password">
        </div>
            <button type="submit" name="login_btn" class="btn btn-primary">Login</button>
        </form>
    </div>
</body>
</html>

Advertisement

Answer

M. Eriksson posted above and it was the correct answer so I’m copying it here to close this question.

if(select_stmt->rowCount() > 0) should be if($select_stmt->rowCount() > 0) (missing the $ in front of the variable).

However, you should change it to just: if ($row) {...} since the manual says:

For most databases, PDOStatement::rowCount() does not return the number of rows affected by a SELECT statement.

User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement