Pulling crypt passwords from MySQL


#1

I am trying to get crypt passwords out of a database for a members log in. A person will type in their name and password and if it is recognized in the database table then it will let them in to other areas of the web section. I am new to crypt and having a little trouble getting it to work. When I run my code I get a notice that reads “Trying to get property of non-object”. I’m missing something but not sure what it is. My database table is set up like this:

Members table:
Name – primary key
Password

If someone can help me I appreciate it thanks.
r.
Here is my php code:
[php]

<?php session_start(); if (isset($_POST['userid']) && isset($_POST['password'])) { // if the user has just tried to log in $userid = $_POST['userid']; $password = $_POST['password']; $db_conn = new mysqli('localhost', 'root', 'newpass', 'memdata'); if (mysqli_connect_errno()) { echo 'Connection to database failed:'.mysqli_connect_error(); exit(); } $query = 'select * from members ' ."where name='$userid' " ." and password=crypt('$password')"; $result = $db_conn->query($query); if ($result->num_rows >0 ) { // if they are in the database register the user id $_SESSION['valid_user'] = $userid; } $db_conn->close(); } ?>

[/php]


#2

getting property of a non object means that whatever you are try to get, the value is not an object. Could be an array, could be not there.

You didn’t say at what point you were getting this message.


#3

For starters, you may want to use this version of the password,

[php] $password = crypt($_POST[‘password’]);[/php]
You should also be using prepared statements.

You may also want to wrap the database connection stuff in a try catch. If there are problems, you will probably want to do something about it.