I'm at a complete loss, please help me out here. I built a site using PEAR:😃B for database abstraction on my own webhosting server, made sure everything worked, then transferred it to the customer's webhost after having him also install PEAR:😃B. The new site worked up until I tried to ogin the first time. Now every time I try to look at just the home page (or any page), I get:
Catchable fatal error: Object of class DB_result could not be converted to string in /home/vastdavi/public_html/autumn/check_login.php on line 29
Now, this check_login.php file is called from db_connect.php (providing all the info to draw data from the database), and db_connect.php is called from the header.php, which is at the start of every page. Login.php calls it too if the login form hasn't been submitted. If it has, only db_connect.php is called so it can access the database to check passwords, and since db_connect.php calls check_login.php, the session_start(); has already been intiated.
That's how things are arranged. Below is the complete check_login.php script.
<?php
// check login script, included in db_connect.php.
session_start();
if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
$logged_in = 0;
return;
} else {
// remember, $_SESSION['password'] will be encrypted.
if (!get_magic_quotes_gpc()) {
$_SESSION['username'] = addslashes($_SESSION['username']);
}
// addslashes to session username before using in a query.
$password = $db_object->query("SELECT `password` FROM `users` WHERE `username` = '".$_SESSION['username']."' LIMIT 1");
if (DB::isError($password)) {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
unset($_SESSION['type']); // kill incorrect session variables.
}
$db_pass = $password->fetchRow();
// now we have encrypted pass from DB in $db_pass['password'], stripslashes() just incase:
$db_pass['password'] = stripslashes($db_pass['password']);
$_SESSION['password'] = stripslashes($_SESSION['password']);
//compare:
if ($_SESSION['password'] == $db_pass['password']) { // valid password for username
$logged_in = 1; // they have correct info in session variables.
} else {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
unset($_SESSION['type']); // kill incorrect session variables.
}//end if passwords match
}//end if isset SESSION username or password
// clean up
unset($db_pass['password']);
$_SESSION['username'] = stripslashes($_SESSION['username']);
?>
Now why, using the exact same files on both servers, does my server still work perfectly (I can login, view restricted content, log back out, and see the general public version of the page, etc.), and his server gave me this error AFTER trying to login one, and it won't go away?
BOTH webhosts are using Apache 2.2.22, PHP 5.2.17, PEAR 1.9.4 (my server was using a slightly older one, I updated, mine still works), and DB 1.7.14 (again, mine was created using the older 1.7.12, but I updated this also to make them match, and my server still functioned flawlessly). The MySQL versions are different, but would that have anything to do with a PHP parsing error??
What else can I check? Is this a problem with PEAR:😃B somehow (even though all versions are the same on both servers and it works on one), or are sessions not being saved correctly on the new server, or what?
