Larry Ullman's Book Forums

Hermann

Posts posted by Hermann

  1. Hi there. I have recently encountered a problem and I just can't seem to find what I'm doing wrong. My registration with password hashing does work but I've tried to make it a little bit easier by building my own function for creating pages. It works brilliantly. But then the problem.

    I've taken the database connection from example 1 and split it into separate database connection and password hashing files. The problem this caused is that my form validation told me that I cannot redeclare the password hashing function. This made me decide that I will rather make them one file again. This now gives the error that the password hasher's mysqli_real_escape_string has a null first parameter although it is located in the database connection file.

    As I've said earlier, this problem has started when I began using a function for page building. This is a really hard problem to try to explain, so please ask for any details if anyone can think of something.

    The database connection file:

        DEFINE ('DataBase_User','**********');
        DEFINE ('DataBase_Password','*******');
        DEFINE ('DataBase_Host','***********');
        DEFINE ('DataBase_Name','*********');

        // Open the connection and set its character set
        $connect_to_database = mysqli_connect(DataBase_Host, DataBase_User, DataBase_Password, DataBase_Name);
        mysqli_set_charset($connect_to_database, 'utf8');

        // Trim a value and escape it for use in a query
        function escape_data($data) {
            global $connect_to_database;
            if (get_magic_quotes_gpc()) $data = stripslashes($data);
            return mysqli_real_escape_string($connect_to_database, trim($data));
        }

        // Return the escaped raw (binary) HMAC-SHA256 of the password
        function hashed_password ($password) {
            global $connect_to_database;
            return mysqli_real_escape_string ($connect_to_database, hash_hmac('sha256', $password, 'c#haRl891', true));
        }

    The page building function:

        function standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl) {

            /* The page title */
            $page_title = $page_title;

            /* The config file */
            require($_SERVER['DOCUMENT_ROOT']."config.php");

            /* The database connection */
            if ($dbc == 'allow') {
                require(MYSQL);
            }

            echo '<html>';
            echo '<head>';
            echo '<link rel="stylesheet" type="text/css" href="'.$page_layout.'"/>';
            echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$page_layout_ie.'"/><![endif]-->';
            echo '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'"/>';
            echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$stylesheet_ie.'"/><![endif]-->';
            echo '</head>';
            echo '<body>';
            echo '<div class="wrapper">';
            echo '<div id="header_div">';
            include($_SERVER['DOCUMENT_ROOT']."$header_tpl");
            echo '</div>';
            echo '<div id="content_div">';
            include($_SERVER['DOCUMENT_ROOT']."$page_body");
            echo '</div>';
            echo '<div class="push"></div>';
            echo '</div>';
            echo '<div class="footer_div">';
            include($_SERVER['DOCUMENT_ROOT']."$footer_tpl");
            echo '</div>';
            echo '</body>';
            echo '</html>';
        }

    The form that's giving the problems:

        <?php
        $array_of_field_errors = array();

        /* POST Request */
        if($_SERVER['REQUEST_METHOD'] == 'POST') {

            /* Email */
            if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
                $email = mysqli_real_escape_string($connect_to_database, $_POST['email']);
            } else {
                $array_of_field_errors ['email'] = 'Not a valid email address';
            }

            /* Password */
            if(preg_match('/^[a-zA-Z0-9_]{6,32}$/', $_POST['password'])){
                if($_POST['password'] == $_POST['confirm_password']) {
                    $password = mysqli_real_escape_string($connect_to_database, $_POST['password']);
                } else {
                    $array_of_field_errors['confirm_password'] = 'Your passwords did not match';
                }
            } else {
                $array_of_field_errors['password'] = 'Please enter a valid password';
            }

            /* City */
            if (preg_match('/^[A-Z\-]{2,32}$/i',$_POST['city'])){
                $city = mysqli_real_escape_string($connect_to_database, $_POST['city']);
            } else {
                $array_of_field_errors['city'] = 'Please select your City';
            }

            /* User Type */
            if (preg_match('/^[A-Z\-]{8,10}$/i',$_POST['type'])){
                $type = mysqli_real_escape_string($connect_to_database, $_POST['type']);
            } else {
                $array_of_field_errors['type'] = 'Please indicate what type of user you are ';
            }

            if(empty($array_of_field_errors)) {

                $query_database = "SELECT email FROM users WHERE email = '$email'";
                $connected_query = mysqli_query($connect_to_database, $query_database);
                $rows_returned = mysqli_num_rows($connected_query);

                if ($rows_returned == 0) {

                    $query_database = "INSERT INTO users (email, password, location, type) VALUES ('$email','".hashed_password($password)."','$city', '$type')";
                    $connected_query = mysqli_query($connect_to_database, $query_database);

                    if(mysqli_affected_rows($connect_to_database) == 1) {
                        header('Location: http://.........success_pl.php/');
                        exit();
                    } else {
                        trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.');
                    }

                } else {
                    if($rows_returned ==1 ) {
                        $array_of_field_errors['email'] = 'Email address already registered ';
                    }
                }
            }
        }

        require_once($_SERVER['DOCUMENT_ROOT']."mvc/controller/functions/forms/text_pass_func.php");
        ?>

        <div id="register">
        <fieldset id="validate_register_fieldset">
        <legend id="problem_legend"><h2>Please correct these errors</h2></legend>
        <form action="validate.php" method="post" accept-charset="utf-8" >

        <p><label for="email"><strong>Email*</strong></label>&nbsp;<small>e.g johndoe@mymail.com</small>
        <br/><?php text_pass('email', 'text', 'register', $array_of_field_errors);?>
        </p>

        <p><label for="password"><strong>Password*</strong></label>&nbsp;<small> 6 Character min. Only letters and numbers</small>
        <br/><?php text_pass('password', 'password', 'register', $array_of_field_errors);?>
        </p>

        <p><label for="confirm_password"><strong>Confirm Password*</strong></label>
        <br/><?php text_pass('confirm_password', 'password', 'register', $array_of_field_errors);?>
        </p>

        <p><label for="city"><strong>City*</strong></label>
        <br/><?php dropbox('city', 'select' , $array_of_field_errors);?>
        </p>

        <p><label for="type"><strong>Type of user*</strong></label>
        <br/><?php dropbox('type', 'select', $array_of_field_errors);?>
        </p>

        <br/>
        <input type="submit" name="submit_button" value="Sign Up" id="submit_button" class="register_button" />
        &nbsp;
        <a href="provide_info.php" align="right"><small>Why do we need this info?</small> </a><br/>
        <br/>

        <div id="agreed">
        <small>By clicking Sign Up you are indicating that you have <br/> read and agree to the <a href="terms_pl.php" ><small>
        Terms of use</small></a> and <a href="privacy_pl.php" ><small>Privacy policy</small></a></small>
        </div>

        </form>
        </fieldset>
        </div>

    The validate.php page that the above form refers to in its action:

        $page_title = 'Welcome';
        $dbc = 'allow';
        $page_layout = 'default.css';
        $page_layout_ie = 'default_ie.css';
        $stylesheet = 'index.css';
        $stylesheet_ie = 'index_ie.css';
        $header_tpl = 'header_1_tpl.php';
        $page_body = 'information_inc.php';
        $footer_tpl = 'footer_1_tpl_pl.php';

        standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl);

    Please any help would reeeeaaaaaallly be appreciated!
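
An added example, not code from the original post: a file required inside a function defines its variables in that function's local scope, so a later `global $connect_to_database` finds null. The sketch below passes the connection as an argument instead, and stores passwords with `password_hash()` and bound parameters rather than an escaped raw HMAC. Assumptions: PDO with an in-memory SQLite database stands in for the MySQL connection so the script runs offline, and `register_user`, `check_login` and `standard_layout_demo` are hypothetical names.

```php
<?php
// Added example, not the poster's code. Assumptions: PDO + in-memory SQLite
// stands in for MySQL; table and column names follow the post's INSERT.

// No connection needed here: password_hash() returns a printable string with
// its own random salt, so there is nothing to escape and no global to look up.
function hashed_password(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// The connection is an explicit argument, so it does not matter whether the
// connection file was required at top level or inside another function.
function register_user(PDO $db, string $email, string $password, string $city, string $type): bool {
    $check = $db->prepare('SELECT 1 FROM users WHERE email = ?');
    $check->execute([$email]);
    if ($check->fetchColumn() !== false) {
        return false; // email already registered
    }
    $insert = $db->prepare('INSERT INTO users (email, password, location, type) VALUES (?, ?, ?, ?)');
    return $insert->execute([$email, hashed_password($password), $city, $type]);
}

// Verify a login attempt against the stored hash.
function check_login(PDO $db, string $email, string $password): bool {
    $stmt = $db->prepare('SELECT password FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $hash = $stmt->fetchColumn();
    return $hash !== false && password_verify($password, $hash);
}

// Mirrors the post's layout function: the connection lives in this function's
// local scope, where `global $connect_to_database` elsewhere would see null.
function standard_layout_demo(): void {
    $connect_to_database = new PDO('sqlite::memory:');
    $connect_to_database->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $connect_to_database->exec('CREATE TABLE users (email TEXT UNIQUE, password TEXT, location TEXT, type TEXT)');

    // Constructed sample input: register, register again, good and bad login.
    var_dump(register_user($connect_to_database, 'johndoe@mymail.com', 'secret_123', 'Pretoria', 'business'));
    var_dump(register_user($connect_to_database, 'johndoe@mymail.com', 'secret_123', 'Pretoria', 'business'));
    var_dump(check_login($connect_to_database, 'johndoe@mymail.com', 'secret_123'));
    var_dump(check_login($connect_to_database, 'johndoe@mymail.com', 'wrong_pass'));
}

standard_layout_demo();
```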

  2. Hi there Larry. Firstly I would like to thank you for the great book. Before I started with your Effortless ECommerce book I didn't have a day's coding experience and I can honestly say that I have become quite accustomed to coding and techniques used as a result of this book so I am really thankful!

    I am building a social network type of site using some of the principles in this book. I have used the image uploader from the second part of the book and instead of generating unique image names for every file, I have decided to rename the file so that it will consist only of the user id data stored in the $_SESSION and the username. This is also stored in the session. A file would thus be stored in the following example directory...model/uploads/images/business_logos/5WalMart/5WalMart.jpg (this is just an example to Wal Mart's directory where its logo will be stored).

    The image is stored and everything is working 100%. The only problem that I have is that I do not know how to display this image in a browser. What should be stored in a database table? How do I retrieve and show this image on a page? Any help would be appreciated.

    Please ask if you want any extra info!

    Kind Regards!
