I know there are a lot of these questions concerning this error, but neither of the answers all over stack overflow, google etc. helped me with my problem. Maybe someone here can figure out, why this error constantly occures.
I am relatively new to PHP, so for little Applications I read a lot of tutorials and use them for my cases.
I tried to do a registration page using the following tutorial: http://www.codingcage.com/2015/11/ajax-registration-script-using-jquery-php.html
After everything isset and done, I always get the Error
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 !
...when I submit the registration. So I think it has to be in this part of the code:
$qry = "SELECT * FROM geraeteuser WHERE `user_email` LIKE :email";
$stmt = $db_con->prepare($qry);
$stmt->execute(array(":email"=>$user_email));
I tried everything using backtips here and there, but no matter what I do, it doesn't work.
The full Code looks like this ("geraetestatus" is the table name):
<?php
require_once "dbconfig.php";
if($_POST)
{
$user_name = $_POST['user_name'];
$user_email = $_POST['user_email'];
$user_password = $_POST['password'];
$password = md5($user_password);
try
{
$qry = "SELECT * FROM geraeteuser WHERE `user_email` LIKE :email";
$stmt = $db_con->prepare($qry);
$stmt->execute(array(":email"=>$user_email));
$count = $stmt->rowCount();
if($count==0){
$stmt = $db_con->prepare("INSERT INTO `geraeteuser`(user_name,user_email,user_password) VALUES(:uname, :email, :pass");
$stmt->bindParam(":uname",$user_name);
$stmt->bindParam(":email",$user_email);
$stmt->bindParam(":pass",$password);
if($stmt->execute())
{
echo "registered";
}
else
{
echo "Query could not execute !";
}
}
else{
echo "1"; // not available
}
}
catch(PDOException $e){
echo $e->getMessage();
}
}?>
and in the File "dbconfig.php", that is included, there is a pdo created like this:
<?php
$db_host = ***;
$db_name = ***;
$db_user = ***;
$db_pass = ***;
try{
$dsn = "mysql:host=$db_host;dbname=$db_name";
$db_con = new PDO($dsn, $db_user, $db_pass, array(PDO::ATTR_PERSISTENT => true));
$db_con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
echo $e->getMessage();
}?>
Does anyone have any suggestions for me to make this work? I tried nearly everything I could find here and in the google answers, but nothing helped.
In your Insert query String is a Missing closing bracket at the end.
You neee to Close VALUES( ... --> ) <--
Related
This is my code:
<?php
$servername = "localhost";
$username = "root";
$password = "";
try {
$conn = new PDO("mysql:host=$servername;dbname=site", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// prepare sql and bind parameters
$stmt = $conn->prepare("UPDATE site_users SET users_email_verified = :users_email_verified WHERE users_email = :users_email ");
$stmt->bindParam(':users_email_verified', $users_email_verified,PDO::PARAM_STR);
$stmt->bindParam(':users_email',$_GET["email"],PDO::PARAM_STR);
$users_email_verified = "yes";
$stmt->execute();
echo "done";
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage();
}
?>
But it does not update the record.
But If I write the email directly inside $user_email variable (manually), like this
$users_email = "xyz#example.com";
Then the code works.
I do not understand why? How to fix it?
You have set the binding to be INTEGERS instead of STRINGS here:
$stmt->bindParam(':users_email_verified', $users_email_verified,PDO::PARAM_INT);
$stmt->bindParam(':users_email',$_GET["email"],PDO::PARAM_INT);
You should use PDO::PARAM_STR instead.
It also appear that you're not reporting errors, so you should check your web server's error logs for additional information.
one specific php/mydql command is not working. the sql will not be executed, nor do I get an error message. The sql command executed by HEIDI SQL gives me no error. Query before this command are executed correct. Only this one specific isn't working. I wrote it done one by one as the others which worked perfect before. Heres the code:
$sql = "INSERT INTO users (username,password,email) VALUES(?,?,?)";
$stmt = $conn->prepare($sql);
$stmt->execute(array($username, $hash, $email));
The connection.php file code:
global $conn;
$config = [
$dbname = "mysql:host=localhost; dbname=starwardb;",
$login = "root",
$password = ""
];
try {
$conn = new PDO(...$config);
} catch (Exception $ex) {
echo "ERROR: " . $ex;
}
Thank you for any advice!
The mistake was, that the hashing of the password extends the string. The Database length of the password was by 50. I have increased it to 64 and now it works fine.
From: https://stackoverflow.com/revisions/45147068/3
I'm running through a tutorial where it uses MySQLi but instead I'm using PDO and I have been trying to pin the issue to why I am getting this error:
Fatal error: Call to a member function errorInfo() on string in D:\Program Files (x86)\xampp\htdocs\repos\bla\web\inboxPage.php on line 34
Here is where I am trying to call the errorInfo(), I had previously used mysql_error(); as per tutorial, but this also threw the same error. Before using errorInfo() I was looking around to see if there was a PDO equivelant to mysql_error() which lead me to what you see below - Me thinking it would work. But it didn't.
Tutorials example:
$query = "SELECT id, sender, subject, message FROM messages WHERE reciever='$user'";
$sqlinbox = mysql_query($query);
if(!$sqlinbox)
{
?>
<p><?php print '$query: '.$query.mysql_error();?></p>
<?php
}
My Example:
$sql = 'SELECT id, Sender, Subject, Message FROM privatemessages WHERE Receiver = :receiver';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':receiver', $user);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result){
?>
<p><?php print '$sql: '.$sql.errorInfo(); ?></p>
<?php
}
Here is my connection to the database:
$servername = 'localhost';
$user = 'root';
$pass = '';
$database = 'tutor_database';
try {
$conn = new PDO("mysql:host=$servername;dbname=$database", $user, $pass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $e){
echo "Connection failed: " . $e->getMessage();
}
In addition, I did try the first example from the PHP Manual website -> http://php.net/manual/en/pdostatement.errorinfo.php and found that doing so gave me:
PDO::errorInfo():
Notice: Array to string conversion in D:\Program Files (x86)\xampp\htdocs\repos\bla\web\inboxPage.php on line 37
$sql: Array
...instead.
Would appreciate some help on this as I'm clearly failing to see what is happening. Thanks in advance.
In PDO a completely different method for the error reporting have to be used. In short, PDO will report its errors already, without the need to write any code.
So just take out the error reporting part, leaving only
$sql = 'SELECT id, Sender, Subject, Message FROM privatemessages WHERE Receiver = :receiver';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':receiver', $user);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
that's all you need.
I have this error
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[3D000]: Invalid catalog name: 1046 No database selected' in /srv/users/wiput/apps/gallery/public/auth.php:56 Stack trace: #0 /srv/users/wiput/apps/gallery/public/auth.php(56): PDOStatement->execute() #1 {main} thrown in /srv/users/wiput/apps/gallery/public/auth.php on line 56
in con.inc.php
<?
$db_server = "localhost";
$db_user = "gallery";
$db_password = "<censored>";
$db_name = "gallery";
$conn = new PDO("mysql:server=$db_server;Database=$db_name",$db_user,$db_password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
?>
in auth.php
<?
ob_start();
session_start();
//Global Variable
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
//Convert to MD5
$md5_pw = md5($password);
//Check Blank form
if($username == '')
{
$_SESSION["error"] = 2;
header("location:index.php");
}
elseif($password == '')
{
$_SESSION["error"] = 3;
header("location:index.php");
}
else
{
//Connect file
require("con.inc.php");
//Check data
$sql = "SELECT * FROM member WHERE username= :username AND password= :md5_pw ";
$result = $conn->prepare($sql);
$result->bindValue(':username', $username);
$result->bindValue(':md5_pw', $md5_pw);
$result->execute();
$data = $result->fetchAll( PDO::FETCH_ASSOC );
if ($data !== false)
{
echo 'Hi! ', $data['firstname'];
}
else
{
$_SESSION["error"] = 1;
header("location:index.php");
}
}
?>
I use serverpilot web server with PHP 5.6.
If any one can please fix it.
Thank you :)
As the error says, you don't have an active database selected. The reason is that your names in the DSN string is way off. In particular, Database should be dbname and server should be host (while the current value works because it defaults to localhost, probably - the dbname is what is giving you the error). Be sure to use the actual format and don't invent your own names.
See PDO_MYSQL DSN for the correct format.
To add more to this, this is because your database could not selected.
It could be various reasons.
Try this: $conn = new PDO("mysql:host=$db_server;dbname=$db_name",$db_user,$db_password);
rather than $conn = new PDO("mysql:server=$db_server;Database=$db_name",$db_user,$db_password); and see if it works as server is suppose to be host, and database is suppose to be dbname.
I usually connect to the database by doing this $conn ->exec('USE gallery;');
I converted my login page to use PDO but now it's not working. I've run through all kinds of code examples and I can't figure out where I'm going wrong. This looks perfect to me. Also error reporting is fully enabled and yet I don't get any errors. I just get the browser error for the page being "incorrectly configured". FYI, this is a SQL db
//Code
<?php
require ("../Android/connect_db.php");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$query_unpw = $db->prepare("
SELECT member_mast.company_name
FROM member_mast
WHERE username = ?
AND password = ?
");
//$username = $_POST['username'];
//$password = $_POST['password'];
$username = 'abc';
$password = 'abc';
$name = "name";
$query_unpw->bindValue(1, $username, PDO::PARAM_STR);
$query_unpw->bindValue(2, $password, PDO::PARAM_STR);
$query_unpw->execute();
$count = $query_unpw->rowCount();
if ($count > 0) {
while ($row = $query_unpw->$fetch(PDO::FETCH_ASSOC)) {
$name = $row['company_name'];
}
echo $name;
} else {
echo "Username/Password is invalid";
}
} catch(PDOException $e) {
die($e->getMessage());
}
?>
Now the only thing I've been able to figure out after commenting out different pieces of code is that if I comment out the username and password, like this
//$username = 'abc';
//$password = 'abc';
Then the page loads and just gives me my else echo of "Username/Password is invalid". However I don't think I'm using them wrong and I know they are correct. So the obvious question is am I blind, what's wrong here? The bonus question is, since I will be using _POST for these variables when this works, am I properly sanitizing the user inputs? Still really new to PDO and I want to make sure I'm doing this right. Thanks for the help!
Problem is here:
$query_unpw->$fetch
It must be:
$query_unpw->fetch()
It's a method, so skip that $ sign.
I suggest you to use ini_set('display_errors', "On") while developing.