0

I am having some issues with PDO. First issue is that in my connection string, I cannot use variables defined in another file (tried include & require). It gives me an error and shows the connectionstring having the variable name instead of the value (yes, single and double quotes were tried).

Second issue and more pressing is that I am getting an error when trying to validate a login. I had it working with the old mysqli, so I know that the html is valid, just not the new logic. Attached is the function I am using:

function validateuser($un, $em)
{
    try
    {
        $db = new PDO("mysql:host=localhost;dbname=XX", 'aa', 'bb', array(
            PDO::ATTR_EMULATE_PREPARES => false,
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
        ));
        $stmt = $db->query("SELECT AcctType FROM usr WHERE LOGIN_ID=? or CONTACT_EMAIL=?;");
        $stmt->execute(array(
            $un,
            $em
        ));
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    catch(exception $e)
    {
        echo $e;
    }
}

the exact error i get is:

Exception 'PDOException' with message 'SQLSTATE[HY000]: General error: 2031 ' in db_backend.php:110 Stack trace: #0 db_backend.php(110): PDO->query('SELECT AcctType...') #1 newuser.php(42): validateuser('Nefer', 'neferitous@blah...') #2 {main}



Thanks in advance!!

Improve this question
2

3 Answers 3

Reset to default
3

In order to bind parameters, you need to use a prepared statement and not a query.

Try the following:

$stmt = $db->prepare("SELECT AcctType FROM usr WHERE LOGIN_ID=? or CONTACT_EMAIL=?;");
$stmt->execute(array(
    $un,
    $em
));
Improve this answer
2
  • Thank you for this, it helped me and I will mark it as answer. It was more than this though. I had to use binding on each variable for it to work and specify the data type. I am used to doing this with vb and c# and am surprised that it is this complex here. I will post my final code for others so that it may hopefully be of help to somebody else.
    – shoretek
    Commented Jun 15, 2013 at 4:35
  • @shoretek Great! Thanks for posting the solution. Good luck on your journey with PHP.
    – phpisuber01
    Commented Jun 15, 2013 at 14:40
0

For your first problem, I'm pretty sure you could break the string and concatenate the variables in:

PDO("mysql:host=".$host.";dbname=".$dbname, $user, $pass,
Improve this answer
1
  • This did not work for me, I had tried it earlier and just confirmed it. For some reason, I am not picking up variables from another file. Not sure what code to post to show that I am referring to, but will try: in my file called config01.php I am declaring $db_host, $db_name and setting them to localhost and usertable respectively. from the PDO file (which is in the same folder as the config01 file), I am using include('config01.php');. If you need more, let me know. Thank you for your input!
    – shoretek
    Commented Jun 15, 2013 at 4:38
-4

Here is my final code to make this part of the PDO statement work:

function validateuser($un, $em) {
    try {
        $db = new PDO(
            "mysql:host=localhost;dbname=db",
            'id',
            'pass',
            array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
        );
        $stmt = $db->prepare("SELECT ACCTTYPE FROM users WHERE LOGIN_ID=? or CONTACT_EMAIL=?;");
        $stmt->bindParam(1, $un, PDO::PARAM_STR, 15);
        $stmt->bindParam(2, $em, PDO::PARAM_STR, 150);
        $stmt->execute();
        $result = $stmt->fetch();
        return $result["ACCTTYPE"];
    } catch (exception $e) {
        echo $e;
    }
}
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.