This php login code always return nothing

Question

operations file

function userLogin($username,$pass){
    $password = md5($pass);
    $stmt = $this->con->prepare("SELECT id FROM users WHERE username = ? AND password = ?");
    $stmt->bind_param("ss",$username, $password);
    $stmt->execute();
    $stmt->store_result();
    return $stmt->num_rows > 0;
}

function getUserByUsername($username){
    $stmt = $this->con->prepare("SELECT * FROM users WHERE username = ?");
    $stmt->bind_param("s",$username);
    $stmt->execute();
    return $stmt->get_result()->fetch_assoc();
}

userlogin file

require_once('../includes/DbOperations.php');

$response = array();

if($_SERVER['REQUEST_METHOD'] == 'POST'){

    if (isset($_POST['username']) and isset($_POST['password'])) {
        $db = new DbOperations();

        if ($db->userLogin($_POST['username'], $_POST['password'])) {
            $user = $db->getUserByUsername($_POST['username']);
            $response['error'] = false;
            $response['id'] = $user['id'];
            $response['email'] = $user['email'];
            $response['username'] = $user['username'];
        }else{
            $response['error'] = true;
            $response['message'] = "Invalid username or password";
        }

    }else{
        $response['error'] = true;
        $response['message'] = "Required fields are missing";
    }
}

@Progrock I failed to see a question on their part, just a code dump and their title of it returning nothing, kind of makes you think that you get back what you sow. — Funk Forty Niner, Jan 14 '19 at 04:33
*Bit of a tip:* I think that now would be a good time for you to go over the help area if you haven't already https://stackoverflow.com/help and the related links inside it. Please read through that and you'll see how things work here on Stack Overflow. It will give you a good idea as to how to formulate a good question, to see what can and should not be asked, as well as what is expected from you. This was made and put into place in order to help (you) have a better and positive experience here on Stack Overflow, which is what everybody wants and aims for. — Funk Forty Niner, Jan 14 '19 at 04:36
MD5 is not appropriate to hash passwords, instead use a password-hash function like BCrypt, SCrypt, Argon2 or PBKDF2. In PHP you can use [password_hash()](http://www.php.net/manual/en/function.password-hash.php) and [password_verify()](http://www.php.net/manual/en/function.password-verify.php), maybe this [answer](https://stackoverflow.com/a/38422760/575765) will help to get you started. — martinstoeckli, Jan 14 '19 at 08:02

score 0 · Answer 1 · answered Jan 14 '19 at 06:44

Use below code

function userLogin($username,$pass){
    $password = md5($pass);
    $stmt = $this->con->prepare("SELECT id FROM users WHERE username = ? AND password = ?");
    $stmt->bind_param("ss",$uname, $pwd);
    $uname = $username;
    $pwd = $password;
    $stmt->execute();
    $stmt->store_result();
    return $stmt->num_rows > 0;
}

function getUserByUsername($username){
    $stmt = $this->con->prepare("SELECT * FROM users WHERE username = ?");
    $stmt->bind_param("s",$uname);
    $uname = $username;
    $stmt->execute();
    return $stmt->get_result()->fetch_assoc();
}

Actually am using android studio for the form and i used postman client to test it and nothing is showing when i test the query. — peter hilson, Jan 15 '19 at 14:02

This php login code always return nothing

1 Answers1