Hermann Posted January 10, 2012 Share Posted January 10, 2012 Hi there. I have recently encountered a problem and I just can't seem to find what I'm doing wrong. My registration with password hashing does work but I've tried to make it a little bit easier by building my own function for creating pages. It works brilliantly. But then the problem. I've taken the database connection from example 1 and split it into seperate database connection and password hashing files. The problem this caused is that my form validation told me that I cannot redeclare the password hashing function. This made me decide that I will rather make them one file again. This now gives the error that the password hasher's mysqli_real_escape_string has a null first parameter although it is located in the database connection file. As I've said earlier, this problem has started when I began using a function for page building. This is really hard problem to try to explain explain so please ask for any details if anyone can think of something. The database connection file: DEFINE ('DataBase_User','**********'); DEFINE ('DataBase_Password','*******'); DEFINE ('DataBase_Host','***********'); DEFINE ('DataBase_Name','*********'); $connect_to_database = mysqli_connect(DataBase_Host, DataBase_User, DataBase_Password, DataBase_Name); mysqli_set_charset($connect_to_database, 'utf8'); function escape_data($data) { global $connect_to_database; if (get_magic_quotes_gpc())$data = stripslashes($data); return mysqli_real_escape_string($connect_to_database, trim($data)); } function hashed_password ($password) { global $connect_to_database; return mysqli_real_escape_string ($connect_to_database, hash_hmac('sha256', $password, 'c#haRl891', true)); } The page building function: function standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl) { /* Die page title */ $page_title = $page_title; /* Die config file */ require($_SERVER['DOCUMENT_ROOT']."config.php"); /* Die database konneksie */ if ($dbc == 'allow') { require(MYSQL); } echo '<html>'; echo '<header>'; echo '<link rel="stylesheet" type="text/css" href="'.$page_layout.'"/>'; echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$page_layout_ie.'"/><![endif]-->'; echo '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'"/>'; echo '<!--[if IE]><link rel="stylesheet" type="text/css" href="'.$stylesheet_ie.'"/><![endif]-->'; echo '</header>'; echo '<body>'; echo '<div class="wrapper">'; echo '<div id="header_div">'; include($_SERVER['DOCUMENT_ROOT']."$header_tpl"); echo '</div id="header_div">'; echo '<div id="content_div">'; include($_SERVER['DOCUMENT_ROOT']."$page_body"); echo '</div id="content_div">'; echo '<div class="push"></div>'; echo '</div>'; echo '<div class="footer_div">'; include($_SERVER['DOCUMENT_ROOT']."$footer_tpl"); echo '</div>'; echo '</body>'; echo '</html>'; } The form that's giving the problems: $array_of_field_errors = array(); /* POST Request */ if($_SERVER['REQUEST_METHOD'] == 'POST') { /* Email */ if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { $email = mysqli_real_escape_string($connect_to_database, $_POST['email']); } else { $array_of_field_errors ['email'] = 'Not a valid email address'; } /* Password */ if(preg_match('/^[a-zA-Z0-9_]{6,32}$/', $_POST['password'])){ if($_POST['password'] == $_POST['confirm_password']) { $password = mysqli_real_escape_string($connect_to_database, $_POST['password']); } else { $array_of_field_errors['confirm_password'] = 'Your passwords did not match'; } } else { $array_of_field_errors['password'] = 'Please enter a valid password'; } /* City */ if (preg_match('/^[A-Z\-]{2,32}$/i',$_POST['city'])){ $city = mysqli_real_escape_string($connect_to_database, $_POST['city']); } else { $array_of_field_errors['city'] = 'Please select your City'; } /* User Type */ if (preg_match('/^[A-Z\-]{8,10}$/i',$_POST['type'])){ $type = mysqli_real_escape_string($connect_to_database, $_POST['type']); } else { $array_of_field_errors['type'] = 'Please indicate what type of user you are '; } if(empty($array_of_field_errors)) { $query_database = "SELECT email FROM users WHERE email = '$email'"; $connected_query = mysqli_query($connect_to_database, $query_database); $rows_returned = mysqli_num_rows($connected_query); if ($rows_returned == 0) { $query_database = "INSERT INTO users (email, password, location, type) VALUES ('$email','".hashed_password($password)."','$city', '$type')"; $connected_query = mysqli_query($connect_to_database, $query_database); if(mysqli_affected_rows($connect_to_database) == 1) { header('Location: http://.........success_pl.php/'); exit(); } else { trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.'); } } else { if($rows_returned ==1 ) { $array_of_field_errors['email'] = 'Email address already registered '; } } } } require_once($_SERVER['DOCUMENT_ROOT']."mvc/controller/functions/forms/text_pass_func.php"); ?> <div id="register"> <fieldset id="validate_register_fieldset"> <legend id="problem_legend"><h2>Please correct these errors</h2></legend> <form action="validate.php" method="post" accept-charset="utf-8" > <p><label for="email"><strong>Email*</strong></label> <small>e.g johndoe@mymail.com</small> <br/><?php text_pass('email', 'text', 'register', $array_of_field_errors);?> </p> <p><label for="password"><strong>Password*</strong></label> <small> 6 Character min. Only letters and numbers</small> <br/><?php text_pass('password', 'password', 'register', $array_of_field_errors);?> </p> <p><label for="confirm_password"><strong>Confirm Password*</strong></label> <br/><?php text_pass('confirm_password', 'password', 'register', $array_of_field_errors);?> </p> <p><label for="city"><strong>City*</strong></label> <br/><?php dropbox('city', 'select' , $array_of_field_errors);?> </p> <p><label for="type"><strong>Type of user*</strong></label> <br/><?php dropbox('type', 'select', $array_of_field_errors);?> </p> </br> <input type="submit" name="submit_button" value="Sign Up" id="submit_button" class="register_button" />   <a href="provide_info.php" align="right"><small>Why do we need this info?</small> </a><br/> </br> <div id="agreed"> <small>By clicking Sign Up you are indicating that you have </br> read and agree to the <a href="terms_pl.php" ><small> Terms of use</small></a> and <a href="privacy_pl.php" ><small>Privacy policy</small></a></small> </div id="agreed"> </form> </fieldset> </div id="register"> The validate.php page that the above form refers to in its action: $page_title = 'Welcome'; $dbc = 'allow'; $page_layout = 'default.css'; $page_layout_ie = 'default_ie.css'; $stylesheet = 'index.css'; $stylesheet_ie = 'index_ie.css'; $header_tpl = 'header_1_tpl.php'; $page_body = 'information_inc.php'; $footer_tpl = 'footer_1_tpl_pl.php'; standard_layout($page_title, $dbc, $page_layout, $page_layout_ie, $stylesheet, $stylesheet_ie, $header_tpl, $page_body, $footer_tpl); Please any help would reeeeaaaaaallly be appreciated! Link to comment Share on other sites More sharing options...
Hermann Posted January 10, 2012 Author Share Posted January 10, 2012 PS I have removed some of the text eg routes to files etc but this shouldn't have any effect on anything. Link to comment Share on other sites More sharing options...
Larry Posted January 11, 2012 Share Posted January 11, 2012 It would be better if you passed the database connection to the functions, rather than having them be global. Then you'd change your function calls and that would fix the errors. 1 Link to comment Share on other sites More sharing options...
Hermann Posted January 22, 2012 Author Share Posted January 22, 2012 Thank you very much for this advice Larry. I have tried it and it works perfectly! Thumbs Up!!!! Link to comment Share on other sites More sharing options...
Recommended Posts