i have a problem on my project im currently working on and this is my Email controller i want to get the id of an email registered in my database
if ($this->getRequest()->isPost()) {
$formData = $this->getRequest()->getPost();
if ($form->isValid($formData)) {
$imail = $form->getValue('email');
$users = new Application_Model_DbTable_Users();
$row = $users->fetchRow($users->select('uid')->where('email = ".$imail."'));
/* if ($row == 1) {
$token = uniqid(mt_rand(), true);
$userpass = new Application_Model_DbTable_Password();
$userpass->addToken($uid , $token);
} else { $this->view->errorMessage = "Email not registered"; }
*/
//$this->emailAction();
}
i just need to get the id to be able to shift to my next function but i cant do it also i think this might be unrelated but i did this on pure php and it works fine
if (isset($_POST['submit'])) {
$email = $_POST['email'];
$getemail = mysql_query("SELECT `uid` FROM `users` WHERE `email` ='$email'");
$resemail = mysql_num_rows($getemail);
if ($resemail == 0) {
echo "Email id is not registered";
}
$token = uniqid(mt_rand(), true);
$getoken = mysql_query("INSERT INTO `password_recovery` (`uid`,`token`) VALUES ((SELECT `uid` FROM `users` WHERE `email` = '$email'),'$token') ");
how can i do this logic in zendframework 1 thank you
Solution of Jehad Keriaki is correct, but unsafe. Use prepared statement syntax instead, for example:
$row = $users->fetchRow($users->select('uid')->where('email = ?', $imail));
It will protect you from SQL injection attack.
Try changing
$row = $users->fetchRow($users->select('uid')->where('email = ".$imail."'));
to
$row = $users->fetchRow($users->select('uid')->where('email = "$imail"'));
I think the issue is with the dots, which you still can use as:
$row = $users->fetchRow($users->select('uid')->where('email = "'.$imail.'"'));
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.