This question already has an answer here:
The following is my PHP code.
<?php
session_start();
if(isset($_SESSION['user_id'])) {
header("Location: /");
}
require 'database.php';
$message = '';
if(!empty($_POST['email']) && !empty($_POST['password'])):
//Enter the new user in the database.
$sql ="INSERT INTO users (email, password) VALUES(:email, :password)";
$stmt = $conn->prepare($sql);
$stmt->bindParam(':email', $_POST['email']);
$stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));
if ($stmt->execute()):
$message = 'successfully created new user';
else:
$message = 'Sorry there must have been an issue creating your an account.';
endif;
endif;
It shows an error saying that:
Notice: Only variables should be passed by reference in C:\xampp\htdocs\authegister.php on line 17
On line 17, this following code lies:
$stmt->bindParam(':password',password_hash($_POST['password'], PASSWORD_BCRYPT));
Any idea what the problem is and what Only variables should be passed by reference means?
</div>
bind_param takes values by reference. It does this by looking at the variable you're passing and pointing at the innards directly.
In your call, you're returning the string result of a function call - password_hash in this case. Because there's no variable involved, there are no innards to point to. PHP is whining about not being able to pass the data by reference as a result.
You will need to stick the result of the function call into a variable, then pass that variable into the bind instead.
Try this:
$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$stmt->bindParam(':password',$password );
Credit: Here
First make
$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
Then this
$stmt->bindParam(':password',$password );
$hashedpassword = password_hash($_POST['password'], PASSWORD_BCRYPT);
$stmt->bindParam(':password',$hashedpassword );