Level 60
SELECT * FROM users WHERE email = ? AND password = ?
Add and operator between email and password
1 like
May 16, 2020
1
Level 10
Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax;
I've looked through all the other StackOverflow (and google) posts with the same problem, but none seemed to address my problem.
I am using PDO and PHP.
Login.php
function check($data)
{
$email = $data['email'];
$password = $data['password'];
$sql = "SELECT * FROM users WHERE email = ? password = ?";
$params = [$email, $password];
$result = $this->doSelect($sql, $params);
print_r($result);
//if (sizeof($result) > 0) {
// echo 'yes';
//} else {
// echo 'no';
//}
}
Model.php
function doSelect($sql, $values = [], $fetch = '', $fetchStyle = PDO::FETCH_OBJ) {
$stmt = self::$connection->prepare($sql);
foreach ($values as $key => $value) {
$stmt->bindValue($key + 1, $value);
}
$stmt->execute();
if ($fetch == '') {
$result = $stmt->fetchAll($fetchStyle);
} else {
$result = $stmt->fetch($fetchStyle);
}
return $result;
}
I get this error.
Please or to participate in this conversation.