stackoom
  简体   繁体   中英

Having trouble with PDO queries

 原文  2015-05-15 15:37:28       php/ mysql/ pdo

Question

Can someone please take a look at this block of code? I am very new to the PDO method, for some reason this keeps causing a 500 error whenever I submit.

I have narrowed it down to this:

Could it be this part? $hash = $stmt['hash']; 

if(empty($response['error'])){
    $stmt = $db->prepare("SELECT * FROM Login WHERE username= :username"); // Prepare the query
 // Bind the parameters to the query
    $stmt->bindParam(':username', $username);
    //Carry out the query
    $stmt->execute();
    $hash = $stmt['hash'];

    $affectedRows = $stmt->rowCount(); // Getting affected rows count
    if($affectedRows != 1){
        $response['error'][] = "No User is related to the Username";
    }
    if(password_verify($password, $hash))
    {
      $_SESSION['username'] = $_POST['username'];
            $_SESSION['userid'] = $stmt['ID'];
    }
    else
    {
      $response['error'][] = "Your password is invalid.";
    }
}

If you need more info please ask I will be happy to supply anything I can.

2 answers

solution1
 1 ACCPTED  2015-05-15 15:56:49

You need to fetch the result of the query to have it accessible. I'm not sure this is your issue, I'd think $hash would just be set to Resource Id#x, not what you want but not a 500. Here's how to fetch ( http://php.net/manual/en/pdostatement.fetch.php ) though 

$stmt = $db->prepare("SELECT * FROM Login WHERE username= :username"); // Prepare the query
 // Bind the parameters to the query
    $stmt->bindParam(':username', $username);
    //Carry out the query
    $stmt->execute();
  //if you will only be getting back one result you dont need the while or hashes as an array
   while($result = $stmt->fetch(PDO::FETCH_ASSOC)){
    $hashes[] = $result['hash'];
   }

Here's a thread on enabling error reporting PHP production server - turn on error messages

Also you don't have to bind to pass values with the PDO. You also could do 

$stmt = $db->prepare("SELECT * FROM Login WHERE username= ?"); // Prepare the query
$stmt->execute(array($username));

solution2
 1  2015-05-15 16:02:23

Your code is really messy. Just to help you with start point: 

if (empty($response['error'])) {
    if (isset($_POST['username'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $stmt = $db->prepare("SELECT * FROM Login WHERE username= :username"); 
        $stmt->bindParam(':username', $username);
        $stmt->execute();
        if ($row  = $stmt->fetch(PDO::FETCH_ASSOC)) {
           $hash = $row['hash'];
           if(password_verify($password, $hash)) {
              $_SESSION['username'] = $username;
              $_SESSION['userid'] = $stmt['ID'];
           } else {
              $response['error'][] = "Your password is invalid.";
           }
        } else {
           $response['error'][] = "No User is related to the Username";
        }
    } else {
      $response['error'][] = "Username is not set!";
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Having trouble with PDO queries (Notice: Undefined index) Having Trouble with PDO, but No Errors Having trouble in sending the results from pdo to ajax Having trouble extracting data from PDO array Having trouble with PDO Prepared Statement and “LIKE” Having trouble logging a user in using PHP and PDO Having trouble querying the database with a String with PDO::query() Having trouble binding strings to a PDO query in PHP Having trouble using MySQLi INSERT queries PDO Prepared Statements: having trouble binding multiple values to query
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM