1

I want to encrypt password in php by use md5 function and I have got an error.

Fatal error: Uncaught Error: Using $this when not in object context in ....(line)

This code I follow up from this link but it was error. I tried to search the similar question on stackoverflow but I doesn't found the same case as me. This is my code. Anyone can help me, please?

The line that found error. $this->stmt = $this->pdo->prepare($sql);

This is my code

<?php
    require_once('connect01.php');

    function addUser($name, $password){
        $hash = md5($password);
        $sql = "INSERT INTO `user` (`username`, `pass`) VALUES ('$name','$password')";
        $this->stmt = $this->pdo->prepare($sql);
        return $this->stmt->execute([$name, $hash]);
    }

    if(isset($_POST['submit'])){

        addUser($_POST['username'], $_POST['pass']);
    }
    ?>
Improve this question
3
  • 2
    your function isn't wrapped within a class definition, therefore $this is unavailable for use. php.net/manual/en/language.oop5.basic.php Commented Jan 29, 2019 at 3:53
  • 3
    DO NOT USE MD5 FOR PASSWORD HASHING. Use password_hash and password_verify. Seriously. Please. Pleaaaaassseee. Commented Jan 29, 2019 at 3:57
  • 1
    You need to have placeholders in your query. It won't bind otherwise. md5 is not an encryption (and passwords shouldn't be encrypted). e.g. $sql = "INSERT INTO `user` (`username`, `pass`) VALUES (?, ?)"; Commented Jan 29, 2019 at 4:01

1 Answer 1

Reset to default
1

$this is not particularly useful outside of a class. Once you learn about classes, you can go back to that site you found.

If you want to use addUser(), you need a class where the $pdo class property is an instance of the PDO class and the $statement class property is an instance of the PDOStatement

The previous page showed you a script named database.php containing the DB class, a model in the model-view-controller design pattern. It fits the requirements stated above.

The most direct way to get this up and running is to add the DB class definition to your script and put the function definition of addUser() inside of it.

Once you have that set up, and once you learn about inheritance, you may consider keeping the DB class in your script but leaving as you found it, without addUsers(). You can still use and add to it if you extends it:

class User extends DB
{
    function addUser($name, $password)
    {
        $hash = md5($password);
        $sql = "INSERT INTO `user` (`username`, `pass`) VALUES ('$name','$password')";
        $this->stmt = $this->pdo->prepare($sql);
        return $this->stmt->execute([$name, $hash]);
    }
}

Keep in mind that if you choose this approach, you will need to change DB::$pdo and DB::$stmt from private to protected:

class DB
{
    protected $pdo = null;
    protected $stmt = null;
/* keep the rest of the class the same */

This is because private class properties are not usable ("visible") by a class that extends the first class, but protected class properties are. This is part of a concept called visibility.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.