Amjad
Reputation: 2090
php pdostament fetch issue
I have a database which has two record for testing purposes... database columns(user_id, username, password and role)....
I am using PHP PDO to communicate with database i have created a class file that extends PDO which is below
<?php
require_once('constants.php');
class PDOConfig extends PDO{
private $real_escape_string;
private $mageic_quote_active;
public function __construct(){
$dsn = DBENGINE .':dbname='. DBNAME.";host=".DBHOST;
parent::__construct($dsn, DBUSER, DBPW);
$mageic_quote_active = get_magic_quotes_gpc();
$real_escape_string = function_exists("mysql_real_escape_string");
}
public function escapeValue($value){
//PHP >= 4.3.0 or greater
if($this->real_escape_string){
if($this->mageic_quote_active){
//if new version exists turn magic quotes off
$value = stripslashes($value);
}
$value = mysql_real_escape_string($value);
}
return $value;
}
}//end of class
$connection = new PDOConfig();
$database =& $connection;
i am using this file on my login page which has the following code
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Sign In</title>
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/singin-form.css">
<?php require_once('includes/PDOConfig-class.php'); ?>
<?php //require_once('includes/utility-functions.php'); ?>
<?php
$errors = "";
if(isset($_POST['submit'])){
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if(!empty($username) && !empty($password)){
$sql = "SELECT * FROM user WHERE user_name = '" . $database->escapeValue($username) . "'";
$prestmt = $database->prepare($sql);
$prestmt->execute();
$result = $prestmt->fetch($database::FETCH_ASSOC);
//print_r($result);
echo $result['role'];
echo "<br /> Query : " . $sql;
}
//echo '<div class="alert alert-error">something wrong<button type="button" class="close" data-dismiss="alert">×</button></div>';
}
?>
</head>
<body>
<div class="container">
<form class="form-signin" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<h2>Please sign in</h2>
<input type="text" name="username" class="input-block-level" placeholder="User Name" />
<input type="password" name="password" class="input-block-level" placeholder="Password" />
<button name="submit" class="btn btn-primary btn-large" type="submit">Login</button>
</form>
</div>
</body>
</html>
but i dont see anything on my page beside that query that i print... although there there is data there in the database...
another thing when i try to "FETCH_OBJ" use I get the following error
trying to get property of non-object in C:\wamp\www\testPHP\login.php on line 30
the code that generate above error is below
if(!empty($username) && !empty($password)){
$sql = "SELECT * FROM user WHERE user_name = '" . $database->escapeValue($username) . "'";
$prestmt = $database->prepare($sql);
$prestmt->execute();
$result = $prestmt->fetch($database::FETCH_OBJ);
echo $result->role;
}
please help as i have never used PHP PDO and not very good in php... thanks for you time
Upvotes: 0
Views: 185
Answers (1)
Your Common Sense
Reputation: 157839
This link contains everything you need
- Connect to db the way described there (to make PDO to inform you on errors)
- Assign variables to the query the way described there (to make your query safe and sensible)
- Get rid of your PDOConfig as it's totally useless. you need only constructor from there , so, you can just put constructor code itself into PDOConfig-class.php
Then run your code and see what is going wrong
Upvotes: 1