S. Shrestha S. Shrestha - 10 months ago 77
MySQL Question

Notice: Only variables should be passed by reference

The following is my PHP code.


if(isset($_SESSION['user_id'])) {
header("Location: /");

require 'database.php';

$message = '';

if(!empty($_POST['email']) && !empty($_POST['password'])):
//Enter the new user in the database.
$sql ="INSERT INTO users (email, password) VALUES(:email, :password)";
$stmt = $conn->prepare($sql);

$stmt->bindParam(':email', $_POST['email']);
$stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));
if ($stmt->execute()):
$message = 'successfully created new user';
$message = 'Sorry there must have been an issue creating your an account.';

It shows an error saying that:

Notice: Only variables should be passed by reference in C:\xampp\htdocs\auth\register.php on line 17

On line 17, this following code lies:

$stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));

Any idea what the problem is and what Only variables should be passed by reference means?

Answer Source

bind_param takes values by reference. It does this by looking at the variable you're passing and pointing at the innards directly.

In your call, you're returning the string result of a function call - password_hash in this case. Because there's no variable involved, there are no innards to point to. PHP is whining about not being able to pass the data by reference as a result.

You will need to stick the result of the function call into a variable, then pass that variable into the bind instead.

Try this:

$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$stmt->bindParam(':password',$password );

Credit: Here