php - Fatal error on prepared statement -
updated...
i writing prepared statements , i´m getting error message:
notice: undefined index: username in c:\program files (x86)\easyphp-12.1\www\inlogg_och_lagar\core.inc.php on line 34
fatal error: uncaught exception 'pdoexception' message 'sqlstate[42000]: syntax error or access violation: 1064 have error in sql syntax; check manual corresponds mysql server version right syntax use near ''' @ line 1' in c:\program files (x86)\easyphp-12.1\www\inlogg_och_lagar\core.inc.php:34 stack trace: #0 c:\program files (x86)\easyphp-12.1\www\inlogg_och_lagar\core.inc.php(34): pdostatement->execute(array) #1 c:\program files (x86)\easyphp-12.1\www\inlogg_och_lagar\index.php(23): getuserrow('username') #2 {main} thrown in c:\program files (x86)\easyphp-12.1\www\inlogg_och_lagar\core.inc.php on line 34
can tell me doing wrong? it´s simple login script.
here loginform.inc.php
<?php if (isset($_post['username'])&&isset($_post['password'])) { $username = $_post['username'] ; $password = $_post['password'] ; $password_hash = md5 ($password); if ($username && $password) { $query ="select * userdata `username` = :username , `password` = :password"; $stmt = $pdo->prepare($query); $stmt->execute(array( ':username' => $_post['username'], ':password' => $password_hash )); $row = (bool) $stmt->fetch(); if (!$rows) { echo '<p class="warning">fel användarnamn/lösenords kombination.</p>'; } else { $_session['user_id'] = $row; header('location: index.php'); exit; } } else { echo '<p class="warning">du måste fylla ett användarnamn och lösenord</p>'; } } ?> <!--- login form ---> <div id="form-column"> <p>you need loggedin.</p> <p>fill out username , password.</p> <form action="<?php echo $current_file; ?>" method="post"> användarnamn: <input type="text" name="username"> lösenord: <input type="password" name="password"> <input type="submit" value="log in"> </form> </div> here core.inc.php
<?php ob_start(); session_start(); $current_file = $_server['script_name']; if (isset($_server['http_referer'])&&!empty($_server['http_referer'])) { $http_referer = $_server['http_referer']; } function loggedin () { if (isset($_session['user_id'])&&!empty($_session['user_id'])) { return true; } else { return false; } } function getuserrow ($row) { $sql ="select * userdata id = ?".$_session['user_id']."'"; global $pdo; $stmt = $pdo->prepare($sql); $stmt->execute(array($_post['username'])); $row = $stmt->fetch(); } ?> and here connect.inc.php
<?php $dsn = "mysql:host=localhost;dbname=users;charset=utf8"; $opt = array( pdo::attr_errmode => pdo::errmode_exception, pdo::attr_default_fetch_mode => pdo::fetch_assoc ); $pdo = new pdo($dsn,'root','', $opt); ?>
your pdo object defined $pdo, later referenced $dbh:
from
connect.inc.php:$pdo = new pdo($dsn,'root','', $opt);from
loginform.inc.php:global $dbh; // ... $stmt = $dbh->prepare($sql);
furthermore, loginform.inc.php not appear include connect.inc.php.
Comments
Post a Comment