{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 一纸荒年 Trace。 的问题《Strict Standards: Only variables should be passed》','https://www.manongdao.com/q-254047.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am working on a login system for a project using MVC programming and ran into this error. Here is the code, the problem line is #31
This login system is a tutorial, I have been working through it exactly as is. I've read there are some version issues with PHP 5? Not sure, hopefully somebody could assist me.
Problem line:
$stmt->bind_param("ss", $user, md5($pass . $this->salt));
Code:
<?php
/*
Authorization Class
deal with auth tasks
*/
class Auth
{
private $salt = 'j4H9?s0d';
/*
Constructor
*/
function __construct()
{
}
/*
Functions
*/
function validateLogin($user, $pass)
{
// access db
global $Database;
// create query
if ($stmt = $Database->prepare("SELECT * FROM users WHERE username = ? AND password = ?"))
{
$stmt->bind_param("ss", $user, md5($pass . $this->salt));
$stmt->execute;
$stmt->store_result();
// check for num rows
if ($stmt->num_rows > 0)
{
// success
$stmt->close();
return TRUE;
}
else
{
// failure
$stmt->close();
return FALSE;
}
}
else
{
die("ERROR: Could not prepare MySQLi statement.");
}
}
function checkLoginStatus()
{
if (isset($_SESSION['loggedin']))
{
return TRUE;
}
else
{
return FALSE;
}
}
function logout()
{
session_destroy();
session_start();
}
}
Add parenthesis:
The problem is that the 3rd parameter is the result of a function call:
md5($pass . $this->salt)You need to save that value to a variable before passing it to
bind_paramso that it can be passed by reference.Example:
Also, don't use md5 to hash passwords.
This was likely fixed in PHP 5.4 as part of Function Array Dereferencing (FAD) (revision 300266).
Alternatively as workaround try adding extra brackets, e.g.
which would dereference the method/function return, see: (<5.6) Occasionally significant parentheses.
bind_param's params are references to variables. You can't usemd5()there. You need to save it to a variable first.