I have the following SQLite QUERY in my PHP script:
try
{
//open the database
$db = new PDO('sqlite:users.sqlite');
//create the database or view existing
$db->exec("CREATE TABLE USERS (Id INTEGER PRIMARY KEY, Type TEXT, Name TEXT, Password TEXT)");
//select records with username and password match
$existUser = $db->query("SELECT COUNT(*) FROM Users WHERE Name='" . $incomingusername . "' and Password ='" . $incomingpassword . "'");
//check that either the result string isn't empty or somehow count rows
$result = sqlite_num_rows($existUser);
print $result;
echo "Done output from SQL<BR>";
// close the database connection
$db = NULL;
}
catch(PDOException $e)
{
print 'Exception : '.$e->getMessage();
}
I get an error from this: Fatal error: Call to undefined function sqlite_num_rows()
So I did some searching and it turns out that the language spec is a lie and this method doesn't exist. All I need is to test whether my sqlite database contains a username and password. I have also tried SELECT COUNT(*) FROM Users WHERE Name='Jeff' and Password ='Monhty'; but this doesn't return anything I am able to use, I don't understand the type of the return result. When I run this SELECT COUNT in a console against the database I get one result exactly, correct behaviour.
Please could someone indicate a SQL string that I can use that lets me treat its result as a Boolean in my PHP script? Many thanks.
Ninjaedit - ->numRows(); doesnt work either. Also not recognised.
You could change "SELECT COUNT(*) FROM..." to
"SELECT CAST((COUNT(*)=1) AS BOOLEAN) FROM..."
if you want to check if exactly one user exists, or
"SELECT CAST((COUNT(*)>=1) AS BOOLEAN) FROM..."
if you want to check if one or more users exist.
There are a few problems with your code:
First, you are trying to use sqlite_num_rows
on a PDO handle. PDO is a database abstraction layer that works with many underlying database systems. sqlite_num_rows
only works with handles from the native SQLite extension in PHP. So you can't use sqlite_num_rows
here.
Secondly, SELECT COUNT(*) ...
will always return 1 row, regardless of if there was a match found or not, for example:
SELECT COUNT(*) AS MyCount FROM Users WHERE Name = 'Jeff'
Will return a result set that looks something like this:
+---------+
| MyCount |
+---------+
| 1 |
+---------+
Assuming you have a row in the Users
table that has the value Jeff
in the Name
column.
If, instead, you were to execute this:
SELECT COUNT(*) AS MyCount FROM Users WHERE Name = 'ThisDoesNotExist'
You would get a result set that looked like:
+---------+
| MyCount |
+---------+
| 0 |
+---------+
So you would still have 1 row, but the value of the MyCount
column in the result set would tell you if a match was found or not. So even if you could use sqlite_num_rows
here, it wouldn't help you because it would always return 1
.
What you really want to do is check the value of MyCount
in the result set, and if it is 1
then there was a match, and if it is a 0
there was not a match.
Keep in mind that if there were multiple rows in your Users
table that had the same Name
and Password
then COUNT(*)
would return something the number of rows where that match occurred.
The following code should get you what you are looking for:
$existUser = false;
//select records with username and password match
$stmt = $db->prepare("SELECT COUNT(*) AS MyCount FROM Users WHERE Name = ? AND Password = ?");
if ($stmt->execute(array($incomingusername, $incomingpassword))) {
$rows = $stmt->fetchAll();
$existUser = ($rows[0]['MyCount'] == 1);
}
if ($existUser) {
/* Found a matching user */
} else {
/* Did NOT find a matching user */
}
The side effect of this approach is that you are protected from SQL injection .
Maybe..
$existUser = $db->query("SELECT COUNT(*) as count FROM Users WHERE Name='" . $incomingusername . "' and Password ='" . $incomingpassword . "'");
$row = $existUser->fetchAll();
$numRows = $row[0]['count'];
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.