Question

Could you help me check this out? Is there anything wrong here? It isn't able to reach file.sqlite, and I'm wondering why. Also, when it's successful, it won't direct to phptesting.php.

HTML (testing.php)

<div class="box">
    <form action="login.php" id="loginForm" method="post">
        <p> User ID : <input type ="text" name="userID"> </p>
        <p> Password : <input type ="password" name="password"> </p>
        <p> <input type="submit" value="Login"> </p>
    </form>
</div>

PHP (login.php)

<?php
session_start();

require_once('session.php');
require_once('pdoDB.class.php');

$db = pdoDB::getConnection();
$session = Session::getInstance();

$userID = $_POST['userID'];
$password = $_POST['password'];

if($userID == '') {
        echo ('Please Enter Your Username');
}

$userSQL = "SELECT * FROM user WHERE userid =: '$userID' AND password =: '$password'";
$query = $db->prepare($userSQL);
$query->execute (array ($userID,$password));
$result = $query->fetchObject();

if (empty($result)) {
        echo ('Not Logged In!');
} else {
        echo('Logged In');
        header('location:phptesting.php');
}
?>

pdoDB.class.php

<?php
class pdoDB {

    private static $dbConnection = null;

    private function __construct() {
    }

    private function __clone() {
    }

    public static function getConnection() {
        if ( !self::$dbConnection ) {
            try {
                self::$dbConnection = new PDO( "sqlite:/file.sqlite");
                self::$dbConnection->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
            }
            catch( PDOException $e ) {

                echo $e->getMessage();
            }
        }
        return self::$dbConnection;
    }
}
?>

and session.php

<?php

Class Session {

    private static $getInstance;

    private function __construct(){

        session_start();
    }

    public static function getInstance() {
        if (!isset(self::$getInstance)) {
            self::$getInstance = new Session();
        }
        return self::$getInstance;
    }

    public function setProperty($key,$val) {
        $_SESSION[$key] = $val;
    }

    public function getProperty($key) {
        $returnValue = "";
        if(isset($_SESSION[$key])) {
            $returnValue = $_SESSION[$key];
        }
        return $returnValue;
    }
}


?>

Any problem?


Solution

You shouldn't put quotes on your placeholders, nor use PHP variables; it should just be :name.

Try changing

"SELECT * FROM user WHERE userid =: '$userID' AND password =: '$password'";

to

$userSQL = "SELECT * FROM user WHERE userid =:userID AND password = :password";

Then execute it the right way, since you are using named placeholders:

$query->execute(array (':userID' => $userID,
                       ':password' => $password
));

Alternatively, you can use question marks:

$userSQL = "SELECT * FROM user WHERE userid =? AND password =?";
$query = $db->prepare($userSQL);
$query->execute(array($userID,$password));
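
The named-placeholder form from the answer above, run end to end against an in-memory SQLite database (an added example, not code from the question or the answer). It assumes the `password` column stores `password_hash()` output rather than the plaintext the question compares in SQL; the `checkLogin` function and the sample account are constructed for illustration.

```php
<?php
declare(strict_types=1);

// In-memory database so the example runs offline. Note that the question's
// DSN "sqlite:/file.sqlite" is an absolute path at the filesystem root; a file
// next to the script would be "sqlite:" . __DIR__ . "/file.sqlite" (assumption
// about where the file lives).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (userid TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Constructed sample account: the column holds a hash, never the password.
$insert = $db->prepare('INSERT INTO user (userid, password) VALUES (:userID, :password)');
$insert->execute([
    ':userID'   => 'alice',
    ':password' => password_hash('s3cret', PASSWORD_DEFAULT),
]);

// Hypothetical helper: returns true only for a matching user and password.
function checkLogin(PDO $db, string $userID, string $password): bool
{
    // Named placeholder: no quotes and no PHP variable inside the SQL text,
    // so the value is bound as data and cannot change the query.
    $query = $db->prepare('SELECT password FROM user WHERE userid = :userID');
    $query->execute([':userID' => $userID]);
    $hash = $query->fetchColumn();   // false when no row matched

    return is_string($hash) && password_verify($password, $hash);
}

// Constructed inputs: correct login, wrong password, and a quote-laden user ID
// that a concatenated query would have interpreted as SQL.
$attempts = [
    ['alice', 's3cret'],
    ['alice', 'wrong'],
    ["alice' OR '1'='1", 'anything'],
];

foreach ($attempts as [$userID, $password]) {
    $ok = checkLogin($db, $userID, $password);
    // In login.php, a successful check would call
    // header('Location: phptesting.php'); exit;
    // and that header must be sent before any output is sent.
    printf("%-20s => %s\n", $userID, $ok ? 'Logged In' : 'Not Logged In!');
}
```
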
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow