Welcome to the Treehouse Community

The Treehouse Community is a meeting place for developers, designers, and programmers of all backgrounds and skill levels to get support. Collaborate here on code errors or bugs that you need feedback on, or asking for an extra set of eyes on your latest project. Join thousands of Treehouse students and alumni in the community today. (Note: Only Treehouse students can comment or ask questions, but non-students are welcome to browse our conversations.)

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and a supportive community. Start your free trial today.

PHP

Thomas Pane
Thomas Pane
7,804 Points

PHP 5 password_hash()

Does treehouse workspaces support previewing the php5 password_hash() function? Or am I getting this error because of browser compatibility issues?

  • Here is my error message: Fatal error: Call to undefined function password_hash() in /home/treehouse/workspace/signup.php on line 60
  • Here is how I am using the code on line 60: ($password is a variable string) $p_hash = password_hash($password, PASSWORD_DEFAULT); -Here is the documentation for the password_hash(); function: http://php.net/manual/en/function.password-hash.php

3 Answers

Matt Trask
Matt Trask
10,027 Points

It would be helpful to see the code around line 60 to see how everything else looks. The workspace should support pasword_hash

Thomas Pane
Thomas Pane
7,804 Points

Well i set the $password variable from a post as follows: $password = $_POST['p']; I have checked to see if $_POST['p']; is being retrieved by using the echo command and changing html to show ajax.responseText. It is working. It seems that my server is not recognizing the function password_hash(); which is strange. I will add my full code block from this page. I also had to take out mysqli commands because they were not being recognized either.

Thomas Pane
Thomas Pane
7,804 Points
// this is code to execute the usernameCheck when function uniqueUsername() is triggered
if(isset($_POST["usernamecheck"])) {
  // do this once you have a database: include_once("php-includes/db_conx.php");
  $username = $_POST['usernamecheck'];
  // $sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
  // $query = mysqli_query($db_conx, $sql);
  // $uname_check = mysqli_num_rows($query);
  $uname_check = 0; // this is for fun to test code until database is up
  if(strlen($username) < 5 || strlen($username) > 18) {
    echo '<strong style="color:#F00;">must be 5-18 characters long.</strong>';
    exit();
  } else if (is_numeric($username[0])) {
    echo '<strong style="color:#F00;">First character in username must be a letter.</strong>';
    exit();
  } else if ($uname_check < 1) {
    echo '<strong style="color:#009900;">This username is available!</strong>';
    exit();
  } else if ($uname_check > 0) {
    echo '<strong style="color:#F00;">This username is already taken.</strong>';
    exit();
  }
}
?><?php
if(isset($_POST["u"])) {
  // do this once you have a database: include_once("php-includes/db_conx.php");
  $username = preg_replace('#[^abcdefghijklmnopqrstuvwxyz0123456789_-]#i', "", $_POST['u']);
  $email = $_POST['e'];
  $cleanemail = filter_var($email, FILTER_SANITIZE_EMAIL);
  $password = $_POST['p'];
  // this will get the users ip address:
    // $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
  // this will check for same usernames:
    // $sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
    // $query = mysqli_query($db_conx, $sql);
    // $uname_check = mysqli_num_rows($query);
  // this will check for same email
    // $sql = "SELECT id FROM users WHERE email='$e' LIMIT 1";
    // $query = mysqli_query($db_conx, $sql);
    // $e_check = mysqli_num_rows($query);
  // handle code check for database return (using dummy var sets to make it work till data base is up)
  $uname_check = 0;
  $e_check = 0;
  if ($username == "" || $cleanemail == "" || $password == "") {
    echo "Your form is missing data.";
    exit();
  } else if ($uname_check > 0) {
    echo '<strong style="color:#F00;">This username is already taken.</strong>';
    exit();
  } else if ($e_check > 0) {
    echo '<strong style="color:#F00;">This email address is already in our system.</strong>';
    exit();
  } else if (is_numeric($username[0])) {
    echo '<strong style="color:#F00;">First character in username must be a letter.</strong>';
    exit();
  } else if(strlen($username) < 5 || strlen($username) > 18) {
    echo '<strong style="color:#F00;">Username must be 5-18 characters long.</strong>';
    exit();
  } else {
    // $p_hash = password_hash($password, PASSWORD_DEFAULT);
    // $sql = "INSERT INTO users (username, email, password, ip, lastlogin, signup) VALUES('$username', '$cleanemail', '$p_hash', '$ip', now(), now())";
    // $query = mysqli_query($db_conx, $sql);
    //if(!file_exixsts("user/$username")) {mkdir("user/$username", 0755);}
    $to = "$cleanemail";
    $from = "do_not_reply@sportsConnect.com";
    $subject = "SportSConnect Advertising Account Activation:";
    // surround message with '' so you can use double quotes within for html and 'around variables'
    //$message = 'Click this link to activate your account: <a href="http://www.sportsconnect.com/activation.php?id='.$uid.'&u='.$username.'&e='.$cleanemail.'&p='.$p_hash.'"Link</a>';
    $headers = "From: $from\n";
    $headers .= "MIME-Version: 1.0\n";
    $headers .= "Content-type: text/html; charset=iso-8859-1\n";
    if(mail($to, $subject, $message, $headers)) {
      echo 'wowo! the email is up and running!!!';
      exit();
    } else {
      echo 'good work';
      exit();
    }  
  }
}
?>```