1

Have a look through the code below. This is supposed to check whether or not a database contains a given user. If the it does, it just returns true. If it doesn't, then it returns false.

Anyway, regardless of the user and password existing in the database, for some reason it will not evaluate to true! ! ! 

function databaseContainsUser($email, $password)
{

    include $_SERVER['DOCUMENT_ROOT'].'/includes/db.inc.php';

    try
    {
        $sql = 'SELECT COUNT(*) FROM wl_user
                WHERE email = :email AND password = :password'; 
        $s = $pdo->prepare($sql);
        $s->bindValue(':email', $email);
        $s->bindValue(':password', $password);
        $s->execute("USE $dbname");
    }
    catch (PDOException $e)
    {
        $error = 'Error searching for user. ' . $e->getMessage();
        include $_SERVER['DOCUMENT_ROOT'].'/includes/error.html.php';
        exit();
    }

    $row = $s->fetch(PDO::FETCH_NUM);

    if ($row[0] > 0)
    {   
        return TRUE;
    }
    else
    {
        return FALSE;
    }
}

Any help would be appreciated

cerberus1818
  • 11
  • 2

2 Answers2

0

For some unknown reason you are passing "USE $dbname" string to execute.
remove that string.

Also, you are trying to catch an exception but apparently don't tell PDO to throw them. And you are catching it only to echo a message, which is a big no-no. I've explained the right way recently in this answer

If your problem is different, you have to ask (or better - google for this very problem).
Refer to PDO tag wiki for the proper connect options including database selection and error reporting.

Community
  • 1
  • 1
Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
  • I put the 'code'"USE $dbname" 'code' as for some reason i was getting -- >SQLSTATE[3D000]: Invalid catalog name: 1046 No database selected <-- that error. I just tried running the code with it removed and this happened again... for someone reason it doesn't hold onto the database name.... – cerberus1818 Mar 11 '13 at 05:40
-1

Try this

 try
{
    $pdo = new PDO('mysql:host=localhost;dbname=yourDbName;', 'root', '',
    array(PDO::ATTR_PERSISTENT => true));
    $sql = 'SELECT count(*) FROM user WHERE email = :email AND password = :password'; 
    $s = $pdo->prepare($sql);
    $s->bindValue(':email', $email);
    $s->bindValue(':password', $password);
    $s->execute();
}

This is local server example, just change yourDbName to your db name. I just run this code on my local server and it is working.

arslaan ejaz
  • 1,001
  • 13
  • 31