Menu
I am having some problems trying to echo errors produced from a login page. This is the error that I keep receiving even after I tried adding values into the $errors property “Warning: Invalid argument supplied for foreach() in /var/www/classLogin.php on line 130”
[code=html]<?php
require ‘classLogin.php’;
$classLogin = new Login;
$classLogin->loginWithPostData();
?>
<!DOCTYPE html>
<html lang=”en”>
<head>
<title>Login</title>
</head>
<body>
<div class=”container”>
<form method=”post”>
<h2>Please sign in</h2>
<input type=”text” class=”form-control” name=”user_name” placeholder=”Email address” value=”<?php if(isset($_POST[‘user_name’])) { echo ($_POST[‘user_name’]);} ?>” >
<input type=”password” class=”form-control” name=”user_password” placeholder=”Password” autofocus>
<button name=”submit” type=”submit”>Sign in</button>
</form>
</div>
</body>
</html>
[code=php]<?php
/**
* Class login
* handles the user login/logout/session
*/
class Login
{
/**
* @var object The database connection
*/
public $db_connection;
public $user_name = “”;
/**
* @var string The user’s password
*/
public $user_password = “”;
/**
* @var boolean The user’s login status
*/
public $user_is_logged_in = false;
/**
* @var array Collection of error messages
*/
public $errors = array();
/**
* @var array Collection of success / neutral messages
*/
public $messages = array();
/**
* the function “__construct()” automatically starts whenever an object of this class is created,
* you know, when you do “$login = new Login();”
*/
public function __construct()
{
// TODO: adapt the minimum check like in 0-one-file version
// create/read session
session_start();
// check the possible login actions:
// 1. logout (happen when user clicks logout button)
// 2. login via session data (happens each time user opens a page on your php project AFTER he has sucessfully logged in via the login form)
// 3. login via post data, which means simply logging in via the login form. after the user has submit his login/password successfully, his
// logged-in-status is written into his session data on the server. this is the typical behaviour of common login scripts.
$this->db_connection = new mysqli(‘localhost’, ‘root’, ‘1’, ‘test’);
// if user tried to log out
if (isset($_GET[“logout”])) {
$this->doLogout();
}
// if user has an active session on the server
elseif (!empty($_SESSION[‘user_name’]) && ($_SESSION[‘user_logged_in’] == 1)) {
$this->loginWithSessionData();
}
// if user just submitted a login form
elseif (isset($_POST[“submit”])) {
$this->loginWithPostData();
}
}
/**
* log in with session data
*/
private function loginWithSessionData()
{
// set logged in status to true, because we just checked for this:
// !empty($_SESSION[‘user_name’]) && ($_SESSION[‘user_logged_in’] == 1)
// when we called this method (in the constructor)
$this->user_is_logged_in = true;
}
/**
* log in with post data
*/
public function loginWithPostData()
{
if (!empty($_POST[‘user_pasword’])) { echo ‘Congrats’; }
// if POST data (from login form) contains non-empty user_name and non-empty user_password
if (!empty($_POST[‘user_name’]) && !empty($_POST[‘user_password’])) {
// create a database connection, using the constants from config/db.php (which we loaded in index.php)
if ($this->db_connection->connect_errno) {
echo “Concet Failed ” . $this->db_connection->connect_errno . “”;
}
// if no connection errors (= working database connection)
if (!$this->db_connection->connect_errno) {
echo “Connection Successful”;
// escape the POST stuff
$this->user_name = $this->db_connection->real_escape_string($_POST[‘user_name’]);
// database query, getting all the info of the selected user
$sql = “SELECT user_name
FROM members
WHERE user_name = ‘” . $this->user_name . “‘”;
$checklogin = $this->db_connection->query($sql);
// if this user exists
if ($checklogin->num_rows == 1) {
echo “<br> user ecsis”;
// get result row (as an object)
$result_row = $checklogin->fetch_object();
// check if the provided passwords fits
if ($_POST[‘user_password’] === $result_row->user_password) {
$this->user_is_logged_in = true;
echo ‘You are now logged in’;
} else {
$this->errors[] = “Wrong username password combination”;
}
}
}
}
elseif (empty($_POST[‘user_name’])) {
$this->errors[] = “Username field was empty.”;
} elseif (empty($_POST[‘user_password’])) {
$this->errors[] = “Password field was empty.”;
}
foreach ($errors as $error) {
echo “$error”;
}
}