Unseen MYSQL Error

Question

Im receiving the following error with my MySQL statement -

PHP Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':username' at line 1'

Now here is a section of my code including the statement -

    $dbh = pdo_users();

    $stmt = $dbh->query("SELECT * FROM users WHERE username=:username");
    $stmt->bindParam(':username', $username);
    $stmt->execute();
    $info = $stmt->fetchAll(PDO::FETCH_ASSOC);

This is my connection -

function pdo_users()
{
try
{                                                                                         
    $connect = new PDO('mysql:host=localhost;dbname=mydb', 'username', 'password');
    $connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $connect->setAttribute(PDO::ATTR_PERSISTENT, true);
}
catch (PDOException $e)
{
    header('Location: error.php');
}

return $connect;

}

Funk Forty Niner · Accepted Answer

This line:

$stmt = $dbh->query("SELECT * FROM users WHERE username=:username");

You need to prepare it, not query it.

$stmt = $dbh->prepare("SELECT * FROM users WHERE username=:username");

Unseen MYSQL Error

Answers (1)

Related Questions