tympaniplayer
Reputation: 171
check if row exists with PDO
I am having trouble checking if a row exists to log someone in. The password is salted in the db using the password+ the email I am using PDO.
function is_valid_developer($username, $password)
{
global $db;
$query = 'SELECT COUNT(*) FROM users WHERE username = :username AND password = sha(CONCAT(:password,(SELECT email FROM users WHERE username = :password))) AND developer = true';
$statement = $db->prepare($query);
$statement->bindValue(':username', $username);
$statement->bindValue(':password', $password);
$statement->execute();
$count = $statement->fetchColumn();
if ($count === 1)
{
return TRUE;
}
else
{
return FALSE;
}
}
Upvotes: 0
Views: 1819
Answers (1)
cdhowie
Reputation: 168978
Your subquery appears to be incorrect (see the WHERE username = :password clause), and will likely never return any results. Further, using the same bound parameter twice is not supported in PDO (you use :password twice). Besides that, you don't actually need a subquery at all; try this query:
SELECT COUNT(*) FROM users
WHERE username = :username
AND password = sha(CONCAT(:password, email))
AND developer;
Further, make sure you call $statement->closeCursor() after your call to $statement->fetchColumn(); leaving PDO statement cursors open after you are done with them may cause the database to fail on all future queries.
Upvotes: 4
Related Questions
- How to check if a row exist in the database using PDO?
- Check if row exists in the database before inserting
- Check if table exist using PDO
- Checking against the database for a record exist
- php pdo sql return if rows exist
- PHP PDO check if data exists not working properly
- PDO Query check if value exists
- check if record exists (PDO)
- Check to see if row exists
- Checking if row exists under criteria (PDO, prepare???)