login form using session and pdo
Question
I have just started to convert my old sql code into pdo but I am having difficulties in doing so, I have tried to convert my login script into pdo form, here is the conversion
<?php
session_start(); // Starting Session
if (isset($_POST['submit']))
{
try
{
// Define $email and $password
$email = $_POST['email'];
$password = $_POST['password'];
//Etablishing Connection with Server
$dbhost = "qwe.com";
$dbname = "qwe";
$dbuser = "qwe";
$dbpass = "qwe";
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
$stmt = $conn->prepare("SELECT * FROM register WHERE WHERE `email` = :email and `password` = :password ");
$stmt->execute(array(':email' => $_POST['email'],':password'=> $_POST['password']));
$num=$stmt->fetchColumn();
if($num > 0)
{
header("location:dashboard.php");
}
else
{
header("location:login.php");
}
}
catch (Exception $e)
{
echo 'Caught exception: ', $e->getMessage(), "\n";
}
}
?>
The page is not getting redirected to any page, instead it is getting redirected to a blank page
3 answers
solution1
3 2014-10-27 10:45:03
This is happening because the try{} block expects a
catch{}
You have to add it in order for it to not display that error
add it like this:
catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
Read more about it here
Hope it helps! :D
solution2
2 2014-10-27 10:45:48
add a catch statement after try }
catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
Update Insert it after try
<?php
session_start(); // Starting Session
if (isset($_POST['submit']))
{
try
{
// Define $email and $password
$email = $_POST['email'];
$password = $_POST['password'];
//Etablishing Connection with Server
$dbhost = "qwe.com";
$dbname = "qwe";
$dbuser = "qwe";
$dbpass = "qwe";
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
$stmt = $conn->prepare("SELECT * FROM register WHERE WHERE `email` = :email and `password` = :password ");
$stmt->execute(array(':email' => $_POST['email'],':password'=> $_POST['password']));
$num=$stmt->fetchColumn();
if($num > 0)
{
header("location:dashboard.php");
}
else
{
header("location:login.php");
}
}
catch (Exception $e)
{
echo 'Caught exception: ', $e->getMessage(), "\n";
}
}
?>
solution3
1 ACCPTED 2014-10-27 14:25:58
Your query fails to prepare because you have 2 WHERE in your sql query.
SELECT * FROM register WHERE WHERE
password= :password
You should set connection to throw errors:
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
Check for all values not just submit
if (isset($_POST['submit'], $_POST['email'], $_POST['password']))
Full code:
<?php
session_start(); // Starting Session
if (isset($_POST['submit'], $_POST['email'], $_POST['password']))
{
try
{
// Define $email and $password
$email = $_POST['email'];
$password = $_POST['password'];
//Etablishing Connection with Server
$dbhost = "qwe.com";
$dbname = "qwe";
$dbuser = "qwe";
$dbpass = "qwe";
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT * FROM register
WHERE `email` = :email AND
`password` = :password ";
$stmt = $conn->prepare($sql);
$stmt->execute(array(':email' => $_POST['email'],
':password'=> $_POST['password']));
$num=$stmt->rowCount();
if($num > 0){
header("location:dashboard.php");
}
else{
header("location:login.php");
}
}catch (Exception $e)
{
echo 'Caught exception: ', $e->getMessage(), "\n";
}
}
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.